OAuth2 connectors: secure stored embedded token

Hi,

In the case where you are using an embedded OAuth connector (e.g. PBI, SharePoint Online, etc.), today the token is stored inside the project. It means someone else getting access to your project can use it to do things on your behalf.

Would it be possible in this precise case to add security, like only the token requestor can use the stored token (like hashing the token with the login)?
So that if another user tries to use the connector, it is marked as not usable and the user knows he has to re-authorize the connector to use it.

This may be a simple way to secure this part?

Thanks

Hi Romain,

As far as I understand (I might be mistaken), you currently perform a scripted silent installation of EasyMorph Desktop. What if we add a flag to EasyMorph.config.xml to disable embedded connectors entirely? In this case, you will be able to add this flag to the XML config file automatically in the scripted installation and disable embedded connections altogether, because I assume their existence poses security challenges for your organization.

Hi,

It was only a feature request to address this security topic. I don’t think the config file would be a solution because, as I remember, it is stored in the user folder, so the user would still be able to update it. Moreover, it’s not really solving things, just blocking the feature.