docs: add and update FxA FAQ
This commit is contained in:
vladikoff
Родитель
efda40c294
Коммит
80f590468e
|
|
@ -11,7 +11,17 @@ No. A Firefox Account is only required for Mozilla Services that require authent
|
|||
One of the primary services that uses Firefox Accounts is Firefox Sync, which encrypts all your data client-side before submitting it to the server. The password is used to securely derive an encryption key.
|
||||
|
||||
## What information does Firefox Accounts store about the user?
|
||||
[https://developer.mozilla.org/en-US/Firefox_Accounts#Firefox_Accounts_user_data](https://developer.mozilla.org/en-US/Firefox_Accounts#Firefox_Accounts_user_data)
|
||||
|
||||
Firefox Accounts only stores core identity data and associated profile information about users.
|
||||
Firefox Accounts does not store user data specific to relying services.
|
||||
This is responsibility of each relying service. Core identity data stored in Firefox Accounts includes:
|
||||
|
||||
* a stable user identifier (uid)
|
||||
* the user provided email address
|
||||
* a cryptographically stretched password verifier
|
||||
* the user's locale provided by her browser during account creation
|
||||
* optional display name
|
||||
* optional profile image
|
||||
|
||||
## Can I use Firefox Accounts to store user data for my application or service?
|
||||
In general no.
|
||||
|
|
@ -27,3 +37,32 @@ No.
|
|||
|
||||
## Is it possible to host your own Firefox Accounts service, like with Firefox Sync?
|
||||
[Yes.](https://docs.services.mozilla.com/howtos/run-fxa.html)
|
||||
|
||||
|
||||
# OAuth Integration
|
||||
|
||||
## Why am I getting "Invalid OAuth parameter: scope"?
|
||||
|
||||
If you are requesting a full `profile` scope, then you need to make sure that your OAuth client is marked as `trusted` Mozilla
|
||||
client. This can be done in the OAuth Dev Console or in the database.
|
||||
|
||||
## Where are the OAuth API docs?
|
||||
|
||||
You can find them here: https://github.com/mozilla/fxa-auth-server/blob/master/fxa-oauth-server/docs/api.md
|
||||
|
||||
## Do `accessTokens` expire?
|
||||
|
||||
Yes. You should look at the `expires` field in the token response to find out when the token will expire.
|
||||
|
||||
## Do `refreshTokens` expire?
|
||||
|
||||
The `refreshTokens` do not currently have an expiry, but they can be revoked for different reasons. For example,
|
||||
the user may revoke the token using the Firefox Accounts settings page. You should first try to use the `refreshToken` to
|
||||
obtain a new access token, if that fails you probably want to restart the authentication flow and obtain a new `refreshToken`.
|
||||
|
||||
# Profile API
|
||||
|
||||
## What are the `amrValues` in the profile response?
|
||||
|
||||
Those are the "Authentication Method Reference Values". See https://tools.ietf.org/html/draft-jones-oauth-amr-values-00#section-2
|
||||
for more details.
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче