Natim
commented
7 years ago Unlike portier, you cannot access the email address for privacy reason in FxA unless you ask for the profile["email"] scope
Open leplatrem opened 7 years ago
Natim
commented
7 years ago Unlike portier, you cannot access the email address for privacy reason in FxA unless you ask for the profile["email"] scope
leplatrem
commented
7 years ago Yes but profile is our default requested scope
Natim
commented
7 years ago Not in production. And we don't actually need it for Kinto, so we shouldn't enforce it.
Natim
commented
7 years ago leplatrem
commented
7 years ago Thanks! Closing ;)
rfk
commented
7 years ago Currently, we only add fxa:
which is the md5 of the email or something like that., but should be considered opaque IMO.
FTR, the fxa userid is a randomly-generated opaque identifier, and you can expect it to remain stable even when we eventually ship the ability to change the email on your firefox account.
Natim
commented
7 years ago Actually, we could also make the fxa-email mandatory for some use cases where we want to enable sharing with email. It would make sense.
Natim
commented
7 years ago In that case we could provide both principals fxa:fxaID and fxa:email
Follow up of @magopian question: how do I know the user id of a FxA user?
Currently, we only add
fxa:<user id>which is the md5 of the email or something like that., but should be considered opaque IMO.Adding
fxa:<email>would allow Kinto permissions to be defined easily for example.