@sha@fosstodon.org @thibaultmol@en.osm.town Good point, it only needs read access to verify the account. I'll change that this week.

thibaultmol@en.osm.town

#microblog is pretty cool how it allows you to leave comments by logging into your fedi account and such.... But .... does it really need to have full account permissions?.... I'm not giving it that, sorry)

example of a micro.blog site: https://taonaw.com/2024/12/11/kagi-bangs-and.html

The image shows an authorization screen for Micro.blog requesting access to a Mastodon account. The screen has a dark background with white text and includes the following elements:

1. A header stating

2024-12-11 2:44 pm

|

Embed

sha@fosstodon.org

@thibaultmol Its creator @manton should be able to figure out what’s going on. Thinking about joining myself.

2024-12-11 3:59 pm

|

Embed

In reply to

manton

@sha @thibaultmol Good point, it only needs read access to verify the account. I'll change that this week.

2024-12-11 4:15 pm

|

Embed

thibaultmol@en.osm.town

@manton @sha
Q: is there a way that you could request read access but without having access to my private mentions or is that not possible? (I haven't looked at the documentation)

2024-12-11 4:33 pm

|

Embed

thibaultmol@en.osm.town

@manton @sha actually, isn't that what
api/v1/accounts/verify_credentials is for?

2024-12-11 4:37 pm

|

Embed

manton

@thibaultmol @sha We do call verify_credentials but auth has to happen first. However, there's a "profile" scope that I think will work without actually getting access to posts or DMs. That's what I'm switching to for this case.

2024-12-11 4:48 pm

|

Embed