Hacker News new | past | comments | ask | show | jobs | submit login

A party in OAuth authentication can request some obligatory information, and if email is part of it, you won't be able to deselect it.

In general, sites use email as an indication of a unique, real person. I imagine most of them do not really care about it afterwards, which is why the SSO systems even work (though, they can demand an email too).

It was not that Facebook allowed the user to deselect the e-mail address from what would be shared. Rather, it allowed them to randomly generate an e-mail address to share with the other party. I think messages sent to this address were forwarded to the user's Facebook inbox.

And to answer scarlac's question, yes, they removed this feature a very long time ago.

Ah, thanks for the correction! :)

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact