docs/data/reusables/apps/app-services.md

If your app uses third-party services, they should be used in a secure manner:

• Any services used by your app should have a unique login and password.
• Apps should not share service accounts such as email or database services to manage your SaaS service.
• Only employees with administrative duties should have admin access to the infrastructure that hosts your app.