per oauth spec you get told what is shared. usually it’s just your user id (which often is email or username), i haven’t seen crazy scopes in the wild in a while
Some services even have an option to only share a dummy email and not your real. Apple for example does this, so all the site gets is “36382618161@apple.com” (don’t know the exact format). And it is only tied to your real email address on apple’s side
iltg@sh.itjust.works 22 hours ago
per oauth spec you get told what is shared. usually it’s just your user id (which often is email or username), i haven’t seen crazy scopes in the wild in a while
Tanoh@lemmy.world 15 hours ago
Some services even have an option to only share a dummy email and not your real. Apple for example does this, so all the site gets is “36382618161@apple.com” (don’t know the exact format). And it is only tied to your real email address on apple’s side