Allow bot users to access connected user accounts of guild members


13 opmerkingen

  • thunder33345
    while it could open up to abuses(forcing sub to use this chat) and scraping data i think it should be a thing, maybe with permission of users?
  • tt2468

    That could work. The main factor is that since bots are added through the manage server permission, it would restrict server members from collecting the data. There could also be a permission that allows/disallows said bot to be able to access the deeper regions of the api. Or even a good option would be to add a switch to the privacy options that would allow the user to be able to change whether their account connections could be seen by bots in a specific server. It would be opt-in of course, but there could also be a setting in the privacy section to enable connections access by default (change to opt-out).

    Telling users to change a setting within Discord is a lot easier to do than to direct them to some page where they have to sign in through discord and another account.

  • I feel that this function is already exposed somewhere.

    My reasoning is is able to sync YouTube accounts on a YouTube channel with Discord roles.


    I have a YouTube channel. I have multiple users that are moderators.
    I have a Discord with multiple users that are Moderators.l

    I add to both my Discord and YouTube. I set my moderator role on Discord.

    Nightbot magically finds those users who have YouTube accounts that are flagged as moderators on my channel that are on my Discord with linked accounts.

    At no point in this process have the users made any additional actions on their part.

  • NoNameNamer

    @MagSynchro because nightbot is definitely using the bot scope for all automation. Kappa

  • Lachee

    There is a reason why you need a separate oAuth2 scope to get connections. Bots shouldn't be given this information, its unnecessary and can lead to privacy concerns. Its one thing for users to be able to see your connected accounts but being able to automate that can lead to bots that data-scrape connections and automated doxxing.

  • kgns

    Majority of discord servers are communities formed around third party connections (like Steam or Twitch or Youtube etc.). Without these connections, integrations, Discord would be a dull communication client not much different than TeamSpeak or even Ventrilo. Every community would benefit from being able to use bots of their own accessing these user connection data, and automate a lot of new processes. Disallowing bots from accessing these connections is just outright funny in the age of informatics.

    For privacy issues, Discord can just add a new option that must be activated per server by the user to allow bots in that server to access its selected connections data. By default this can be disabled, which would emulate as is right now. Where as you can enable bots in X server to access your Twitch connection data.

    At its current state, Discord is denying the choice of sharing your connection data with bots even if you wanted to.

  • DingleFlop

    I completely agree... You can already automate this to abuse it using selfbots... It's only the people that are writing legit bots that are harmed by this restriction.

  • koteg

    I need to manage access of Discord users to a hidden channels by state of subscriptions of them on Twitch. Thus I need to gather Twitch users ids via Discord API and use the data to geather subscriptions statuses from Twtich. This is very simple case and example to add the ability to Discord API. Please do this!

    EDIT: Damn guys I think the ability is already there!

  • TechmandanCZ

    koteg actually no, this is only for OAuth2 (meaning they still have to open website and sign in) with scope 'USER_INTEGRATIONS'.

  • Ash

    I would really like this - As a gamer serve owner I would like people with specific roles to be granted access to the specified game server (using their connections in order to grant say SteamID access).  Asking people to follow X link and take them through some OAuth process to save their connections in the database seems long-winded and unnecessary.

    Also the user can make their connections public, so it's only the publically accessible information we're seeking.

  • Agent Zero85

    Yes ^
    If it's a public connection, well

    it's public.


    Let it be that way - please, for my sanity.

  • Shadows

    If the users have already made the information public then it seems completely unnecessary to have them go to an OAuth2 link and give permissions again. I've ended up wasting a few hours writing a separate script just to scrape this information from the users in the server. 

  • Jakub

    Shadows How do you scrape the information though? As far as I know, there are Captcha checks to prevent self-bots and you need to be authenticated to see the Twitch connected account in the user profile detail for example.


U moet u aanmelden om een opmerking te plaatsen.