In the past days we’ve been working on v3 of the Gigadrive login API. As you may know, we’ve introduced the official Gigadrive API 2 years ago to allow users to have one central account for multiple Gigadrive and third party services. While v1 allowed services to spoof passwords and emails without us or the user knowing, we introduced v2 along with it’s login keys that are passed through with the user to transfer user data but not sensitive data like passwords.
We have since created v3 which adds the ability to register applications, authorize them on a user account and maintain user data. Since v2’s login keys expired 2 hours after the login took place it was hard to refresh user data without forcing the user to login again. v3 introduces permanent tokens that may be used to fetch user data at any point.
It also adds this nice authorization screen that shows information about the application that is being authorized and what scopes the application gets access to.
The user settings show what applications you have authorized and allow you to remove access at any time. Once a user removes an application from their account, a deletion script is triggered that the application owner specified when creating their app. This deletion script will remove all data the application has on the user.
We plan on releasing this version of the API in the coming days along with a documentation for application creators. If you want to get access to the new API once it releases, contact us at firstname.lastname@example.org.