pwielgolaski / teamcity-oauth

teamcity oauth2 authentication plugin
Apache License 2.0

Why 'user' scope and not 'user:email' or similar? #6

Closed gpaul closed 7 years ago

gpaul commented 7 years ago

The README suggests asking for user scope.

This means users will have to authorize the application for the following:

Personal user data: Full access
This application will be able to read and write all user data. This includes the following:
- Private email addresses
- Private profile information
- Followers

Is that really necessary? I cannot imagine giving a third-party write permission to my private email addresses or private profile information.

See https://github.com/cockroachdb/cockroach/issues/14018 for background.

pwielgolaski commented 7 years ago

It is a fair point; there was no bigger thinking behind using "user", but I agree it should not be used here. I changed the implementation and made scope optional in 1.0.4; when you don't specify scope in the configuration you should be good.
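The scope question in this thread, as an added example (not the plugin's code and not written by either commenter): it builds a GitHub authorize URL with the scope left optional, then audits the requested scopes against what the integration needs. The scope table restates GitHub's documented user-family scopes; the function names, client id and redirect URL are constructed for illustration.

```python
from urllib.parse import urlencode, urlparse, parse_qs

AUTHORIZE = "https://github.com/login/oauth/authorize"

# GitHub user-family scopes: name -> (grants write access, narrower scopes it includes)
USER_SCOPES = {
    "user": (True, {"read:user", "user:email", "user:follow"}),
    "read:user": (False, set()),
    "user:email": (False, set()),
    "user:follow": (True, set()),
}

def build_authorize_url(client_id, redirect_uri, state, scope=None):
    """Build the authorize URL; the scope parameter is omitted when unset."""
    params = {"client_id": client_id, "redirect_uri": redirect_uri, "state": state}
    if scope:
        params["scope"] = scope
    return AUTHORIZE + "?" + urlencode(params)

def requested_scopes(url):
    """Extract the set of scopes an authorize URL asks for."""
    raw = parse_qs(urlparse(url).query).get("scope", [""])[0]
    return set(raw.replace(",", " ").split())

def audit(url, needed):
    """Return (scope, reason) for every requested scope beyond `needed`."""
    needed = set(needed)
    findings = []
    for scope in sorted(requested_scopes(url) - needed):
        writes, includes = USER_SCOPES.get(scope, (None, set()))
        if writes is None:
            findings.append((scope, "unknown scope, review manually"))
        elif includes & needed:
            narrower = " ".join(sorted(includes & needed))
            findings.append((scope, "umbrella scope with write access; request "
                             + narrower + " instead"))
        else:
            suffix = " and grants write access" if writes else ""
            findings.append((scope, "not needed" + suffix))
    return findings

if __name__ == "__main__":
    # Constructed values: placeholder client id and an example callback URL.
    cb = "https://teamcity.example/callback"
    for scope in ("user", "user:email", None):
        url = build_authorize_url("CLIENT_ID_PLACEHOLDER", cb, "state123", scope)
        print(scope, "->", audit(url, {"user:email"}) or "ok")
```
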