When SSOfy requests user data, it is either made by a login action or a simple user inquiry. The UserFilter
shipped with the sdk transforms between your actual user data and the SSOfy's User Entity model. You should choose based on which data to reveal on the scopes
that the user picked during the authorization process.
Just like Repositories, you can craft your own implementation (recommended) by implementing the UserFilter or extending the default implementation.
The default implementation has no restrictions and always exposes the following data:
id
hash
display_name
name
picture
profile
username
email
email_verified
phone
phone_verified
given_name
middle_name
family_name
nickname
website
gender
birthdate
address
location
zoneinfo
locale
custom_1
custom_2
custom_3
custom_4
custom_5
custom_6
custom_7
custom_8
custom_9
Please consider if the user hasn't yet granted permission (unauthorized), the scopes
array will be empty. In this case, you should always respect the users' privacy and only include the information which is applicable to public access.