Handle and revoke credentials safely
Store only required values, understand what exports omit, and revoke access in the service that issued it.
- Availability
- Live, limited
- Last verified
- Runtime anchor
ab084f79c5ed3fc6a28f07c64b29920944a0e5db- Certification anchor
db23559179dc3c67be8a1ab16a0f07323b9820f7- Evidence note
- Masking, export redaction, tenant scoping, and local-removal boundaries were verified. No unsupported encryption-at-rest claim is made.
What this does
Store only required values, understand what exports omit, and revoke access in the service that issued it.
Before you begin
- Know which store/provider each token or key belongs to before saving it.
- Never send full credentials, magic links, session cookies, or license keys in screenshots or support email.
What changes outside ArtDrop
Saving or clearing a credential changes ArtDrop-held configuration. Removing a store or clearing a token does not revoke authorization at Shopify, Gelato, Printful, Printify, storage, or the personal-key provider.
Steps
-
Use the narrow credential
Create a credential for the intended app/shop/store with only the scopes required by the current connection UI.
-
Confirm the destination
Save it only on the matching store/provider card, then use Test connection or the provider catalog load. Do not reuse an unrelated shop’s credential as a fallback.
-
Understand storage truth
Hosted browser views mask values and portable exports redact them. Do not infer application-level encryption at rest from masking. Mac configuration is stored locally on the device; protect the device and configuration file and do not claim Keychain-only storage.
-
Rotate safely
Create/authorize the replacement in the external service, update the exact ArtDrop connection, test it, then revoke the old credential externally.
-
Retire both sides
Remove the ArtDrop record when safe, then uninstall/revoke/cancel in the external account as applicable. Preserve required order or tax records.
Expected result
The new credential passes the exact connection test, the old one is revoked at its issuer, and redacted exports contain no credential values.
Limits and non-goals
- Masking protects casual display and exports; it is not proof of a particular infrastructure encryption control.
- A store removal can be blocked while active work or safety coverage is unresolved.
Troubleshooting
- For suspected exposure, revoke at the issuing service first, then replace ArtDrop configuration and inspect recent activity.
- For repeated 401/403, do not keep retrying a possibly revoked key; test and rotate it.
How to undo or clean up
Revocation is performed in the issuer. ArtDrop removal alone is not a security revocation or external cleanup.