the importance of /me
DESCRIPTION
My presentation at APIdays Mediterranea 2014, in Barcelona. Here's a great summary: http://saasinsights.getapp.com/war-over-online-identities-power-of-me/TRANSCRIPT
30 May 2014Bruno Pedro
The Importance of /me
pict
ure
© W
erne
r Kra
use
Bruno Pedro Web and Cloud Computing Technologist with over ten years’ experience. CTO of GetApp. Editor at APIUX.com.
http://brunopedro.com/
Web giants are waging a battle over your online identity. — WSJ, May 21 2014
Facebook and Google will eventually be removed from all Yahoo properties. – Reuters, March 5 2014
53%
Social login preferencesJanuary – March 2014
source: Gigya
Facebook business is about monetizing the people in their network. — Businessweek, 2009
Use Facebook to actually prefill data that your users might have to type. – Smashing Magazine
OAuth2 + proper scopes.
pict
ure
© W
erne
r Kra
use
/me is a way to expose information about the authorized user.
/me
‘me’ person ID
/account/verify_credentials
/user
What about your API?
What to expose• username
• user picture or avatar
• first name and last name
• language
• time zone
• country
What not to expose• e-mail address
• phone number
• billing information
• financial information
• mailing address
• current locationrisk
Use the appropriate OAuth2 scopes.
Use the appropriate OAuth2 scopes.
“access my basic information”
Expose safe information!
Offer a way to revoke permissions!
Questions?