docs: Add warnings regarding consuming externally sourced credentials (#80)

parthea · web-flow · commit ab923498a4f9 · 2025-01-29T12:30:10.000-06:00
diff --git a/pydata_google_auth/auth.py b/pydata_google_auth/auth.py
@@ -502,6 +502,17 @@ def load_user_credentials(path):
     """
     Gets user account credentials from JSON file at ``path``.
 
+    .. warning::
+        Important: If you accept a credential configuration (credential JSON/File/Stream)
+        from an external source for authentication to Google Cloud Platform, you must
+        validate it before providing it to any Google API or client library. Providing an
+        unvalidated credential configuration to Google APIs or libraries can compromise
+        the security of your systems and data. For more information, refer to
+        `Validate credential configurations from external sources`_.
+
+    .. _Validate credential configurations from external sources:
+        https://cloud.google.com/docs/authentication/external/externally-sourced-credentials
+
     Parameters
     ----------
     path : str
