Skip to content

How can we improve our accounts settings, payments or plans?

← Accounts & payments

OAuth flow for external applications to use to access Proton services

Allow developers to implement their own apps integrated to the Proton enviroment and, through an auth flow, get the required permissions to use users accounts

Examples of implementation
Proton Drive SDK (Existing Proton Drive SDK implementation of authentication and app indentification is easily forjable and apps wth bad intentions will store user credentials)
A future Proton Mail SDK (which would allow open email clients like Thunderbird to implement Proton Mail without the need of Proton Mail Bridge)
Proton VPN SDK (An SDK where apps can tunnel requests via a Proton VPN server)
Proton Docs & Calendar SDK (SDK to develop Proton Docs addons [available via the Proton Docs website] and apps that read Proton Docs data)

Some implementation suggestions
The user should be warned about every permission the app is asking
The authorization URL should be very clear that gives access to your Proton account (such as "authorize.proton.me)"
A form of 2FA should be asked before authorizing any app

This is an important step for a free environment, where Proton apps and third party apps have a secure auth flow with proper and granular permission granting

3 votes

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

João Victor Cruz shared this idea  ·   ·  Report…  ·  Admin →
How important is this to you?

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Sergei commented  ·   ·  Report

    I agree this is very useful.
    Example real use from my side: rclone.org already supports Proton Drive as backend. But it obviously requires proton password+2FA. And this is not what I want to provide to 3rd parties. Considering that I have too much of my data stored behind these credentials to share them with untrusted apps. I would really like to add OAuth based authentication method with clear scopes. I know that this is connected to E2EE and at this moment encryption key is derived from proton password and this limits the solutions field. But in my opinion Proton Drive should work another way. Authentication and encryption should be separated. So I could use a 3-rd party app to do this. Then authentication would work via OAuth but encryption would be my choice. Potentially even give a user a choice to not encrypt data at all.

Accounts & payments: Accounts

Categories