Scopes
In a typical sign-in scenario, the third party redirects the user to the sign-in form in order to obtain their identity information. The third party needs to supply its own identification (client_id
) as well as the list of user data it is interested in. This is what the scope
query string parameter is for. It contains one or more keywords (comma-separated); the user can then decide whether to share the relevant data.
The list of accepted scopes defines the amount of information returned by the following /api/v1/user
call.
identity
The identity
scope is mandatory and must be accepted by the user. It results in the following items being included in the response to /api/v1/user
:
oauth_user_id
is a unique persistent user account identifieremail
is the user's e-mail address ornull
for users without an e-mailfirstname
is the given name (when available)lastname
is the family name (when available)advert_user_id
is a user account identifier suitable for usage within the Seznam ad infrastructure
contact-phone
Requesting the contact-phone
scope adds the user's contact phone number to the result of the /api/v1/user
call:
contact_phone
(only when provided and validated by the user;null
otherwise)
avatar
Requesting the avatar
scope adds the user's profile picture to the result of the /api/v1/user
call:
avatar_url
– the image's URL
A reasonable URL will be provided for all users, including those without an image – a default auto-generated picture with initials (SVG) will be returned in this case. Picture dimensions (square) can be specified by appending the size after a slash, e.g. ${avatar_url}/64
.
adulthood
Requesting the adulthood
scope adds the user's adulthood information to the result of the /api/v1/user
call:
adulthood
– true/false value corresponding to the user's adult status
The true
value is present for users with a correctly set and verified birth date, at least 18 years old.
The false
value is present for users without a birth date set, unverified or younger than 18 years.
Providing the adulthood information cannot be rejected by the user; it is therefore reasonable to only request the given scope if you really depend on the information.
birthday
Requesting the birthday
scope adds the user's birthday date to the result of the /api/v1/user
call:
birthday
– date of birth in the ISO 8601 format (only when present;null
otherwise)
gender
Requesting the gender
scope adds the user's gender information to the result of the /api/v1/user
call:
gender
– one of the allowed strings"Male" / "Female" / "Other"
(null
if not set)