Now that we use the /read-limited scope for ORCID authentication, we can expect to capture more information about our users during the login flow. There are use cases for having our users' email addresses, such as:
Emailing submission authors if need be
Notifying users who download data from the data portal of anything that they might need to know about the data they downloaded (this came up during the infrastructure sync on 5/30)
I would suggest adding a column to the user_logins table called orcid_email, and trying to read that info post-login, similarly to how we update user's names. We should update the /users endpoint and associated view to include the email address.
Now that we use the
/read-limitedscope for ORCID authentication, we can expect to capture more information about our users during the login flow. There are use cases for having our users' email addresses, such as:I would suggest adding a column to the
user_loginstable calledorcid_email, and trying to read that info post-login, similarly to how we update user's names. We should update the/usersendpoint and associated view to include the email address.