I have a live self-hosted instance of Discourse which I’m currently testing/evaluating. The forum would be for a private community where confidentiality of posts and messages is important. I currently have “invite only”, “login required”, and “must approve users” enabled.
I’d like to offer social login to the users to make it easier for them to access the forum, and I’ve set up Facebook oauth2 as a test.
It’s clear to me what data my forum website would receive from the oauth2 provider (such the user’s name and email address), but I’m not sure what data, if any, the oauth2 provider would be receiving from my forum website. I’m assuming they would keep a log of when/how often the user logs in to the forum using their system, but is there any possibility of them getting forum profile data, posts, messages, etc?