👩‍🎤 Identity
- Polis provides a number of ways to handle participant 👩‍🎤 Identity
- Having a plan for handling 👩‍🎤 Identity is important for all conversation owners
- Generally, there are two paths: anonymous and non-anonymous, where non-anonymous may also be verified.
- By default, participants will be prompted to log in using Facebook auth or Twitter auth when they are commenting, but will be allowed to vote without logging in for a low friction experience. This is aligned with reducing the number of features (comments) to increase density in the polis opinion matrix.
- Anonymous
- In the admin interface, conversation owners can decide to allow participants to vote and/or comment without being prompted to log in using Facebook auth or Twitter auth
- If logging in is not required, a cookie is set (see: cookies) so that participants can vote and comment, and be connected to their voting record when they return on the same device
- If participants return on a new device, they will be counted as new participants and the voting records will not be linked
- Using an incognito window, anonymous participants could vote an unlimited number of times (this is still possible if they log in with Twitter or Facebook auth, but in that case there is some rate limit on the number of fake accounts they would be able to create — Twitter enforces a 1:1 relationship between emails and accounts, for instance)
- Non-anonymous
- Anonymous but verified
- In other cases, conversation owners will want to ensure
- that only certain participants (i.e., those on a certain email list) are able to participate, and no one outside that list
- but owners also want participants to be anonymous
- In this case, a conversation owner would create single-use URLs
- pol.is, as a platform, does not reveal the identity of participants to owners unless owners use an xid, in which case identities are linked to the participant record via that shared parameter.
- GDPR is covered in the FAQ
Old content, to clean up
- There are different authorization scenarios you may encounter when using pol.is.
- You may need to know who is who, or you may not
- It may be important to you to make sure people aren't voting more than once, or it may not
- You may already know who your participants are from some other identity system, or you may not
- You may want to restrict participation to those who are seeing the conversation on a certain domain, logged in through some other authorization system
- By default, as of this writing (July 2020), users can vote anonymously, but commenting requires connecting Facebook or Twitter auth.
- The goal is to avoid stopping people from producing votes, hence zero friction
- All four of these options (require auth to comment or vote, and which social buttons to show, if any) can be disabled in conversation configuration
- If anyone is able to vote and comment without authorization, the conversation is more or less anonymous
- Participants could have connected a social account in a previous conversation, or could even have their own owner account; because of this, there is presently no way in the system to guarantee that the database doesn't already know about a participant
- If you already know who your users are and want to link them when they participate, see xid
- 👻 Polis supports, but not officially (it is a hidden feature that has to be turned on), sending one-time-use tokens (via email, for instance)
- 👻 Polis supports, but not officially (it is a hidden feature that has to be turned on), whitelisting domains: a conversation will not work unless it is accessed on a whitelisted domain, which allows embedding a conversation inside of a site's login flow