Now that the users.profile.set API endpoint is public, this app shouldn't need to depend on the legacy auth token to update the user profile anymore -- it should be able to go off of the app auth token generated when they opt in.
I think work required would just be:
Updating usage of the legacy auth token to use the new auth token
Updating the scopes the app requests from users authorizing it to include the users.profile:write scope
Given that this auth token is per-user instead of per-organization, this might also ease the rate limiting assumptions the app need to defend against.
robhruska
commented
7 years ago
Now that the
users.profile.setAPI endpoint is public, this app shouldn't need to depend on the legacy auth token to update the user profile anymore -- it should be able to go off of the app auth token generated when they opt in.I think work required would just be:
users.profile:writescopeGiven that this auth token is per-user instead of per-organization, this might also ease the rate limiting assumptions the app need to defend against.