GitHub Community
Keep my email addresses private ? Does it though? #187914
Replies: 5 comments 1 reply
-
|
Hi, “Keep my email address private” only hides your real email from public commits and replaces it with a GitHub noreply address. It does not fully prevent third-party services from getting your email if: you signed up to an external service using GitHub OAuth, and you granted that app permission to access your email address. Many OAuth apps request the user:email scope, and once approved, they can access your verified email and may use it for communication or marketing depending on their own policies. What you can do: Go to Settings → Applications → Authorized OAuth Apps Review and revoke apps you don’t trust Only authorize apps that clearly explain how they use your email Consider using a separate email address for GitHub sign-ups GitHub’s privacy setting protects your email publicly, but permissions granted via OAuth are controlled by the access you approve. |
Beta Was this translation helpful? Give feedback.
-
|
I don't want to grant access to my private address protect my privacy give a switch for a github alias for OAuth why is not the default? |
Beta Was this translation helpful? Give feedback.
-
how |
Beta Was this translation helpful? Give feedback.
-
I already give you all steps please check and follow |
Beta Was this translation helpful? Give feedback.
-
|
I see Primary Address and Backup Address. Are you suggesting I an another address to one of these? how would i select it be used for Oauth? (because I would cancel/replace it after an oauth use) |
Beta Was this translation helpful? Give feedback.
-
|
You can't hide your email from OAuth apps that request the user:email scope—GitHub uses your primary email for authentication. To avoid spam, either only authorize trusted apps or use a separate email address for your GitHub account. Add a new email in Settings → Emails, verify it, and set it as primary. That keeps your main email private. |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
Select Topic Area
Question
Body
https://github.com/settings/emails
Keep my email addresses private
OAuth sign up for something
Guess what should not be possible: marketing/spam to your PRIVATE github email address. SPAM is not traveling to me through a github alias. Third party now knows my address.
Where is the option to protect me from this grave breach of trust?
Beta Was this translation helpful? Give feedback.
All reactions