Open zarvox opened 3 years ago
The flip side is that without guilds.join
we won't have an automatic way to link a JR user back to a Discord account. Unless people link their accounts manually (and based on experience with Slack, I worry that they won't), we won't have any way to do permission management and such.
I don't think that's necessarily true? We can retain the behavior where you don't get access unless you've linked accounts in jolly-roger
. Suppose the following:
CREATE_INSTANT_INVITE
permission on @everyone
)identity
scope to link their jolly-roger and Discord identities (which we can retrieve after OAuthing via /users/@me
)I think we should still do this, especially in light of the move to more hunt-attached behavior for external services rather than server-attached behavior for external services. In the hunt-attached model, I propose:
Some people expressed concern at the fact that jolly-roger requests
guilds.join
, which allows us to make users members of our guild, when we could instead provide invite links (and require an additional click to accept the guild invite), to allow the user to drive that action rather than requiring a kinda-powerful scope on our tokens.