Hacker News new | ask | show | jobs
by necovek 2183 days ago
A party in OAuth authentication can request some obligatory information, and if email is part of it, you won't be able to deselect it.

In general, sites use email as an indication of a unique, real person. I imagine most of them do not really care about it afterwards, which is why the SSO systems even work (though, they can demand an email too).
1 comments
joshuaissac 2183 days ago
It was not that Facebook allowed the user to deselect the e-mail address from what would be shared. Rather, it allowed them to randomly generate an e-mail address to share with the other party. I think messages sent to this address were forwarded to the user's Facebook inbox.

And to answer scarlac's question, yes, they removed this feature a very long time ago.

link
necovek 2182 days ago
Ah, thanks for the correction! :)
link