A generic Apps Script memoization function can be written to cache any function.
We’ve featured a couple of Apps Script optimisation techniques in the past. This example from Justin Poehnelt uses a technique found in many coding syntaxes of ‘memoization‘:
In computing, memoization or memoisation is an optimization technique used primarily to speed up computer programs by storing the results of expensive function calls to pure functions and returning the cached result when the same inputs occur again
In the example provided in the source post by Justin it defaults to CacheService.getScriptCache() to store the memoized results but it would be easy to change this to CacheService.getUserCache() or CacheService.getDocumentCache(). With a little modification you could also include Properties Service.
The impact of this change is it breaks /uc embeds and these have started returning 403 errors. There is no reference to the /uc endpoint in the original announcement, which is why I think many people are only just finding out about the impact now. Google’s official guidance is to move to <iframe> with Google Drive publish and preview links. This post from Justin Poehnelt discusses the options and limitations for images.
Avoid downloading private service account keys by using impersonation in Apps Script to obtain access tokens.
For Google Workspace Admins you can gain super powers (and super responsibility) using Google Cloud project service accounts. A common scenario is using service accounts with domain-wide delegation to make API calls impersonating Google Workspace users. With this you can do things like set a user’s Gmail settings including signatures, authenticate as a user in Google Chat and much more.
A quick way to use a service account is to download a JSON key. The challenge then given the potential capabilities of service accounts is securely storing the JSON key. A alternative approach, which is explained in this post by Justin Poehnelt, is using Apps Script to create and fetch a short-lived credential for your service account.
Short-lived credentials are highly recommended for applications requiring robust security and precise access control for service accounts, reducing the attack surface and the risks with accidentally exposing static secrets.
You can find out more include code snippets/setup in Justin’s post which also links to the support documentation.