Hello, I’m trying to use the GitHub strategy with a GitHub App, but I don’t want to ask for nor receive the user’s email address. I was able to change authorization_params to limit the scopes requested, but AshAuthentication appears to make its own call to the email API, as I get the below error. Can I stop this API call from happening, and if so, how? Thanks!
:authentication_result => {:error, %Assent.HTTPAdapter.HTTPResponse{ http_adapter: Assent.HTTPAdapter.Finch, request_url: "https://api.github.com/user/emails", status: 403, headers: [ {"date", "Sat, 08 Mar 2025 23:06:32 GMT"}, {"content-type", "application/json; charset=utf-8"}, {"content-length", "179"}, {"x-oauth-scopes", ""}, {"x-accepted-oauth-scopes", "user, user:email"}, {"x-oauth-client-id", "XX"}, {"github-authentication-token-expiration", "2025-03-09 07:06:32 UTC"}, {"x-github-media-type", "github.v3; format=json"}, {"x-accepted-github-permissions", "emails=read"}, {"x-github-api-version-selected", "2022-11-28"}, {"x-ratelimit-limit", "5000"}, {"x-ratelimit-remaining", "4998"}, {"x-ratelimit-reset", "1741478792"}, {"x-ratelimit-used", "2"}, {"x-ratelimit-resource", "core"}, {"access-control-expose-headers", ...}, {...}, ... ], body: %{ "documentation_url" => "https://docs.github.com/rest/users/emails#list-email-addresses-for-the-authenticated-user", "message" => "Resource not accessible by integration", "status" => "403" } Authentication works if I enable the email permission in the App, but I’d rather not request this access at all.