Access "pledges-to-me" (or similar scope) without public profile information?

Hi there, I’m new to the Patreon API and I’m using the Patreon PHP code to create a simple OAuth login to a web app. The app only needs to know the current tier level of the user. Nothing else.

It’s working well, but I have a question about scopes.

Following the basic example in the codebase, I use only the “identity” scope. This appears to currently be the most limited scope - i.e. returning the least information about the user. If I don’t specify it explicitly, it is assumed. The person logging in with this scope sees the following prompt from Patreon:

[Creator] would like to…

  • View your public profile

Allow / Deny

For this application, and I’d assume for other apps wishing to minimise access to private data, I only want to see the current tier level. So I’m discarding all the user information and only checking if patron_status === 'active_patron' and the amount in currently_entitled_amount_cents to determine the person’s tier level.

The problem is that the wording “Creator would like to view your public profile” understandably makes some users feel I’m requesting additional data to impinge on their privacy.

Seeing as I only need pledge data - tier level - is there a way to request a more limited set of data with the API?

The docs show that APIv1 offered a “pledges-to-me” scope. They suggest using “identity.memberships” in v2 as the equivalent.

Doing so produces a new prompt which says:

[Creator] would like to…

  • View your pledges

Allow / Deny

According to other pages in the Patreon docs and the wording in the prompt, that’s all their pledges (including to other creators) and not pledges to me. That’s more information than I need, and appears to contradict what’s stated in the screenshot above (taken from Patreon docs).

Ideally, what I would like the prompt to say is:

[Creator] would like to…

  • View your pledge

Allow / Deny

or

[Creator] would like to…

  • View your membership level

Allow / Deny

Allowing a narrower scope than what appears to be currently offered would be great for people’s privacy concerns.

If anyone knows if this is achievable, I’d love to know. If it’s not currently achievable, I hope the Patreon devs will consider offering narrower scopes to achieve what I’ve described here.

Thank you for reading.

P.S. If any devs are reading this… after the recent change with additional currencies being offered, I noticed that a user pledging in UK pounds for example will have their pledge amount appear in currently_entitled_amount_cents without conversion. Let’s say a $5 pledge becomes a £4.50 pledge. I still expect currently_entitled_amount_cents to be 500. But it shows 450 for such a pledge.

For the currency situation and getting tier levels of a patron to your campaign, you can check how Patreon’s Wordpress plugin does it:

The call in fetch_user function should help.

Using currently_entitled_tiers would address the problem.

However this currently does not address the situation of patrons with custom pledges. The problem you specified exists for custom pledges.


That’s very useful, thank you. Returns tier IDs the user is entitled to. Something like…

...
"currently_entitled_tiers": {
  "data": [
    {
      "id": "[tier id]",
      "type": "tier"
    },
    {
      "id": "[tier id]",
      "type": "tier"
    }
  ]
}
...

So I can use that instead of currently_entitled_amount_cents to determine tier level.

Now if only there was a more privacy-friendly way of requesting only this data without profile information. Something like scope=currently_entitled_tiers would be nice. 🙂

Thanks again.
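
As an added example (not part of the original posts and not Patreon's own code), this is one way an app could reduce an identity response to a single tier level and keep nothing else, ranking by currently_entitled_tiers so the currency of currently_entitled_amount_cents does not matter. The `included`/`relationships` layout is assumed from the fragment quoted above, and the function name, tier IDs and sample data are constructed placeholders.

```php
<?php
// Added example: sample data and tier IDs below are constructed placeholders.

/**
 * Reduce an identity response to a single integer tier level.
 * Only member resources are inspected; user attributes are never read.
 */
function tierLevelFromIdentity(array $response, array $tierRank): int
{
    $level = 0;
    foreach ($response['included'] ?? [] as $resource) {
        if (($resource['type'] ?? '') !== 'member') {
            continue;
        }
        if (($resource['attributes']['patron_status'] ?? null) !== 'active_patron') {
            continue; // anything other than an active patron unlocks nothing
        }
        $tiers = $resource['relationships']['currently_entitled_tiers']['data'] ?? [];
        foreach ($tiers as $tier) {
            // IDs missing from the app's own map rank as 0.
            $level = max($level, $tierRank[$tier['id'] ?? ''] ?? 0);
        }
    }
    return $level;
}

// Constructed sample shaped like the fragment quoted in the thread.
$json = <<<'JSON'
{
  "data": {"id": "user-placeholder", "type": "user",
           "attributes": {"full_name": "Not Used"}},
  "included": [
    {"type": "member", "id": "member-placeholder",
     "attributes": {"patron_status": "active_patron",
                    "currently_entitled_amount_cents": 450},
     "relationships": {"currently_entitled_tiers": {"data": [
        {"id": "tier-a", "type": "tier"},
        {"id": "tier-b", "type": "tier"}]}}}
  ]
}
JSON;

// App-side map from this campaign's tier IDs to feature levels (hypothetical IDs).
$tierRank = ['tier-a' => 1, 'tier-b' => 2];

$level = tierLevelFromIdentity(json_decode($json, true) ?? [], $tierRank);
unset($json); // drop the raw response; only the integer level is kept
echo "tier level: {$level}\n";
```

A member with an empty currently_entitled_tiers list yields level 0, so custom pledges need separate handling, as the reply above notes.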

For requesting it without profile information, you would need to have info on users’ membership already. This would mean that you already authenticated the user. Or, if they are your patrons, you have the list of memberships. Then you would still have to match the user to the membership though.

> Then you would still have to match the user to the membership though.

Not at all. There’s a difference between knowing who your patrons are and knowing which ones are using your web app.

To give a little more context, the web app in question doesn’t require user registration or login. As such, anyone can use it without providing the app any information. Some users choose to support its development through Patreon. Without Patreon integration with the app, I know I have patrons (and their info) but their membership isn’t linked to their app use. They are still anonymous when using the app.

Now when it comes to integration, I want to offer features/benefits based on the tier level of the patron, but also keep as much of the privacy benefits of not knowing who the actual user is.

Patreon could offer a more privacy-respecting, limited scope to achieve this by allowing the developer to request only the currently_entitled_tiers without the patron’s profile information. Then I can unlock features/benefits knowing that the user is a patron at a particular tier, but without knowing who the user actually is.

That’s what I’m trying to accomplish, and I think it’d be a useful scope to offer users of Patreon’s OAuth API.

You could just omit the includes you don’t want from the call from the user section.

But that comes after the user has agreed to this prompt:

[Creator] would like to…

  • View your public profile

Allow / Deny

Omitting the includes doesn’t change the prompt, because it’s the same scope.

Having placed itself between the user and the app, Patreon is trying to be transparent about how much of the user’s information the developer gets access to. That’s a good thing. But it would be more reassuring to the user if the prompt reflected what the developer actually wants access to. At the moment they consent to sharing more than they need to, and then have to take the developer’s word that that information won’t be used. (I have to explain that there’s in fact no way to request less than this from Patreon, which isn’t ideal.)

The problem with that is practicality. Listing every single piece of information in a prompt like that would be totally unusable on the user’s side. In addition, trusting an app/developer with a certain amount of data is inevitable on users’ side. Even in the ideal case you describe, the user will be trusting you with his/her membership data.

Addressing this situation would be best done by communicating to the user clearly that you are obtaining a minimal amount of information on them on your app. You can also use this as a distinguishing feature of your app to help in your marketing.

I think perhaps you really don’t understand what I’m saying here in this thread.

Put simply, I’m asking for a way for a web app to signal to Patreon that it doesn’t want to view a patron’s public profile, precisely so that the user is not trusting the app with his/her membership data. With so many data breaches, reducing how much data you access and store is good practice, not an unreasonable request.

I’m already communicating how the app deals with data, but Patreon could do its part too in allowing for a more limited data return.

I’ll leave it there for now.

I understand what you are suggesting, however currently there isn’t a way to do it. It’s unlikely that there will be a way to do it in the near future. So the workaround for the current situation is to communicate info to the users on the app side.