dreamy@quokk.au to Mildly Infuriating@lemmy.worldEnglish · 5 days agoWhy?quokk.auimagemessage-square131fedilinkarrow-up1526arrow-down121file-text
arrow-up1505arrow-down1imageWhy?quokk.audreamy@quokk.au to Mildly Infuriating@lemmy.worldEnglish · 5 days agomessage-square131fedilinkfile-text
minus-squareWispy2891@lemmy.worldlinkfedilinkEnglisharrow-up2·4 days agoBut most oauth implementations use the user email as identifier so they get the email anyway
minus-squareit_depends_man@lemmy.worldlinkfedilinkEnglisharrow-up4·4 days agoAll the smarter ones don’t because an email can change, your google account unique id will not, that’s the purpose of account IDs. I won’t deny that many people/websites probably do use email though. Which is bad. But I can’t deny that that probably is what is happening.
minus-squareWispy2891@lemmy.worldlinkfedilinkEnglisharrow-up1·4 days agoi saw many that use the email as “convenience”, as the user can later login with a magic link (i hate those!) without the oauth or even using another oauth service linked to the same email
But most oauth implementations use the user email as identifier so they get the email anyway
All the smarter ones don’t because an email can change, your google account unique id will not, that’s the purpose of account IDs.
I won’t deny that many people/websites probably do use email though. Which is bad. But I can’t deny that that probably is what is happening.
i saw many that use the email as “convenience”, as the user can later login with a magic link (i hate those!) without the oauth or even using another oauth service linked to the same email