- Why is an external ID-provider used?
An external ID-provider is used, currently Facebook.
The reason is that:
- They generally "maintain" their registers to prevent fake accounts (users with multiple accounts).
- They have more security features (using multifactor authentication etc).
- Furthermore, the end-user will have fewer passwords to remember.
Here is a some other ID-providers
that are considered.
- What data is taken from the ID-provider?
- Facebooks public profile. From the "public profile" these values are used:
- name (as default name) The displayed name can be changed under the user settings.
- image (as default image) The displayed image can be changed under the user settings.
- Email: This email is not shown to the public. You can however enter a separate email which is shown to the public under customer/seller settings.
- What data is shared with the ID-provider?
- Source code?