Currently, the Particle OpenID API doesn’t provide any identity information. When using “Login with Particle” / 3 legged OpenID, this means that we don’t get back any persistent identifier for a user; it’s impossible to tell if two different authorization events were by the same user or not, so we can’t store any data associated with them.
Obviously this isn’t really a problem for something like ifttt, where the authentication token is stored persistently against a separate user account, but to use the API as an actual “login with particle”, some sort of persistent identifier is needed. Could we have OpenID connect support, please?
While we’re on the subject, it’d be awesome if scoped tokens were supported, too, so I could request access to just a single device, and the user could choose which device when granting it.