I’m asking a Patreon creator to authenticate the account, using scopes "identity campaigns w:campaigns.webhook campaigns.members"
in order to be able to list that creator’s supporters. (My app will give perks to supporters, and will use a webhook to know when people come and go.) This set of scopes should, if I’m understanding the docs correctly, let me list supporters, but NOT see their email addresses or street addresses:
https://docs.patreon.com/#scopes
My list of scopes does not include either campaigns.members[email]
or campaigns.members.address
. The creator saw this prompt when contemplating granting permission:
Note that it says “each member’s full name and email address”.
How can I ensure that my app does NOT get access to people’s email addresses?