MozillaWiki

Mozillians/API-Access: Difference between revisions

Page Discussion

Mozillians/API-Access (view source)

Revision as of 22:24, 16 May 2014

191 bytes added ,  16 May 2014
→‎How the API currently works
Line 13: Line 13:
* Initially the Corporate API key was intended for a select few, but it has been granted more widely, even to users whose applications are unreviewed and running on unknown hardware.
* Initially the Corporate API key was intended for a select few, but it has been granted more widely, even to users whose applications are unreviewed and running on unknown hardware.
* In the time since the API was implemented, user profiles have been enhanced with per-field privacy levels. Users can specify that certain fields are public or for Mozillians only. But the API doesn't expose these per-field privacy levels, so API consumers with Corporate-level access don't know which fields are public. There is certain potential for PII leakage as a result.
* In the time since the API was implemented, user profiles have been enhanced with per-field privacy levels. Users can specify that certain fields are public or for Mozillians only. But the API doesn't expose these per-field privacy levels, so API consumers with Corporate-level access don't know which fields are public. There is certain potential for PII leakage as a result.
* Since realizing all of the above, we've been hesitant to grant new API access to *anyone*. This is unfortunate as we're missing opportunities to extend the platform and grow the community.


= New proposal =
= New proposal =
Hoosteeno
Confirmed users
583

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/977820"