palantir-security-basics

Featured

Apply Palantir Foundry security best practices for credentials, scopes, and access control. Use when securing API tokens, implementing least privilege access, or auditing Foundry security configuration. Trigger with phrases like "palantir security", "foundry secrets", "secure palantir", "palantir API key security", "foundry scopes".

AI & Automation 2,266 stars 315 forks Updated today MIT

Install

View on GitHub

Quality Score: 99/100

Stars 20%
100
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# Palantir Security Basics ## Overview Security best practices for Foundry API tokens, OAuth2 credentials, scope management, and secret rotation. Covers both personal access tokens (dev) and service user credentials (production). ## Prerequisites - Foundry Developer Console access - Understanding of OAuth2 scopes ## Instructions ### Step 1: Secure Credential Storage ```bash # .env — NEVER commit to git FOUNDRY_HOSTNAME=mycompany.palantirfoundry.com FOUNDRY_CLIENT_ID=your-client-id FOUNDRY_CLIENT_SECRET=your-client-secret # .gitignore — ensure .env files are excluded echo '.env' >> .gitignore echo '.env.local' >> .gitignore echo '.env.*.local' >> .gitignore ``` For production, use a secrets manager: ```bash # AWS Secrets Manager aws secretsmanager create-secret --name foundry/prod \ --secret-string '{"client_id":"xxx","client_secret":"yyy","hostname":"zzz"}' # Google Cloud Secret Manager echo -n "your-client-secret" | gcloud secrets create foundry-client-secret --data-file=- # HashiCorp Vault vault kv put secret/foundry client_id=xxx client_secret=yyy ``` ### Step 2: Apply Least Privilege Scopes | Environment | Recommended Scopes | Rationale | |-------------|-------------------|-----------| | Development | `api:read-data` | Read-only prevents accidental mutations | | Staging | `api:read-data`, `api:write-data` | Test writes in safe environment | | Production | Only scopes your app actually needs | Minimize blast radius | ```python # Production app that only reads O...

Details

Author
jeremylongshore
Repository
jeremylongshore/claude-code-plugins-plus-skills
Created
7 months ago
Last Updated
today
Language
Python
License
MIT

Integrates with

Anthropic · AI Google Cloud · Cloud OAuth · Auth

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Featured

palantir-install-auth

Install and configure Palantir Foundry SDK authentication with OAuth2 or token auth. Use when setting up a new Foundry integration, configuring API credentials, or initializing the foundry-platform-sdk in your project. Trigger with phrases like "install palantir", "setup palantir", "palantir auth", "configure palantir API key", "foundry SDK setup".

2,266 Updated today
jeremylongshore
AI & Automation Featured

palantir-enterprise-rbac

Configure Palantir Foundry enterprise access control with project roles, markings, and service users. Use when implementing role-based access, configuring project permissions, or setting up service user accounts for Foundry integrations. Trigger with phrases like "palantir RBAC", "foundry roles", "palantir permissions", "foundry access control", "foundry service user".

2,266 Updated today
jeremylongshore
AI & Automation Featured

palantir-common-errors

Diagnose and fix Palantir Foundry common errors and API exceptions. Use when encountering Foundry errors, debugging failed API calls, or troubleshooting transform build failures. Trigger with phrases like "palantir error", "fix palantir", "foundry not working", "debug foundry", "palantir 401 403".

2,266 Updated today
jeremylongshore
AI & Automation Featured

palantir-prod-checklist

Execute Palantir Foundry production deployment checklist and rollback procedures. Use when deploying Foundry integrations to production, preparing for launch, or implementing go-live procedures. Trigger with phrases like "palantir production", "deploy foundry", "palantir go-live", "foundry launch checklist".

2,266 Updated today
jeremylongshore
AI & Automation Featured

palantir-deploy-integration

Deploy Palantir Foundry integrations to cloud platforms with secrets management. Use when deploying Foundry-powered applications to production, configuring platform-specific secrets, or setting up deployment pipelines. Trigger with phrases like "deploy palantir", "foundry deploy", "palantir production deploy", "foundry Cloud Run".

2,266 Updated today
jeremylongshore