Sender email address when installation is created?


#1

With OAuth, we can ask for the user:email scope to capture the user’s email address.

With the Integration API, there’s a sender key in the event payload, but there isn’t an email address in the payload that I can tell.

It’d be nice to get a verified email address w/the sender. It gives us someone to reach out to if bugs occur and supports a “signup with github”-button like-flow.

Without the email, it seems like you’d need to (1) OAuth a user (2) ask for GitHub Integration permissions to have a GitHub-based signup in an integration. My hunch is users would be confused by the almost-similar looking steps.

Am I missing something?


#2

Thanks for the detailed request @itsderek23. You’re not missing anything that’s currently implemented.

We’re taking some time to chat about this topic and alternative solutions internally, and we’ll report back.


#3

Thanks @jmilas.

The flow actually reminds me a bit of the Heroku Addon API - you don’t actually get an email when the addon is provisioned (which makes sense - the owner email can change).

Instead, you can query for the app info (which would be analogous to querying for installation info by installation id w/GithHub), which returns the owner info:

"owner": {
    "uuid":  "31e71f4d-b0f6-4250-8c1a-f914b99adba2",
    "email": "glenn@heroku.com"
  },

Also - somewhat related - Heroku does give access to the user email on authentication.

Access to these emails is pretty nice - otherwise, it’s kind of a one-way street when any problems occur. We’re able to be a lot more proactive on problems w/an email address.

Finally, w/o an email, if an integration customer contacts us with an issue, I don’t think there’s a way we can legitimatize their identify (since they may not have a public email listed on GitHub).

Enough harping :wink: . Really excited about the integration.


#4

Hi!

did you progress with your plans on this? I think it’s crucial for integration builders to have a relation with their users, how else would you do paid integrations? Are there plans to solve this within integrations or should we look into a OAuth/integrations hybrid as outline by Derek above?

thanks,
Florian


#5

Hey @theflow,

Thanks for checking in. We are still discussing this at the moment, and we’ll let you know when we have more details.

Are there plans to solve this within integrations or should we look into a OAuth/integrations hybrid as outline by Derek above?

We do plan to address this need, so I would hold off on any hybrid approach or workaround.


Request for support of OAuth scopes `user` / `user:email`
#6

I’m interested in this as well.
We’d have no way to contact the person integrating with us (and it’s a paid product).


#7

Any update on this or a solution for it?


#8

Please let us retrieve the email of people signing up to apps based on GitHub :slight_smile:


#9

Cross referencing this: