Oauth - "View pledge information about your patrons" message when trying to login

Hello,

Today one of my new patrons showed me the login screen they got when trying to access my website through Patreon:

They were wary since they are creators themselves, and “View pledge information about your patrons” doesn’t sound great.

I honestly don’t remember ever seeing that before, and it also appears when someone who doesn’t have a creator account tries to login. Is there any specific scope or something that would trigger that message that I can remove?

I do need to check the pledge rewards for my patrons to get them access to what they paid for (the only things I really need are their pledge level and discord ID), but that message makes it sound I need to access their patrons.

This is what I’m using:
https://www.patreon.com/api/oauth2/v2/members/{member_id}?include=currently_entitled_tiers&fields%5Btier%5D=title

Any help would be greatly appreciated.

1 Like

Hey Nick, the scope is set during the oauth and it seems that you’re setting it as campaigns identity campaigns.members identity[email]:
Screenshot_20210426_110320

Tthat scope does exactly what you mentioned: it allows to access their patrons and campaign.

If you only need to check their pledge to you, I think you could set the scope to just identity (unless you also need their email, but it doesn’t seem so), which would only require their public profile:
Screenshot_20210426_110409

And then from there you should be able to use the identity endpoint to get their membership information, something like (I haven’t tried it): /api/oauth2/v2/identity?fields[user]=social_connections&fields[member]=patron_status,currently_entitled_amount_cents&include=memberships

I hope that helps :wink:

4 Likes

You’re amazing, that did the trick!

I’m using Django allauth for authentication, and indeed those were the default scopes for patreon.

Thank you!

2 Likes