Trying to get in touch with the devs and leadership

DylanWilcox · June 5, 2024, 7:45pm

Hello!

I have been revere engineering the api.scouting.org API building a platform for my council (and others) to help enable a launch of a pay by month membership

A) I discovered a rather glaring security concern. My basic SM login, when querying the API, lets me get member information on any Troop in any Council nationwide
B) I would like to discuss being able to officially integrate with the api using oauth, keys or similar as opposed authenticating the council users via username/password

If someone could get in touch with my, my contact get be found on my LinkedIn https://www.linkedin.com/in/dylan-w-55577588/

Stephen_Hornak · June 5, 2024, 7:53pm

@DylanWilcox - I doubt the BSA staff will allow you to do what you are doing. It may be advisable to stop what you are doing.

Topic		Replies	Views
Are there any volunteer opportunities for software engineers/developers to help with the My Scouting Tools? My Scouting Tools	7	63	September 5, 2024
Feature Request: Read-Only API New Scoutbook Feature Requests	21	1639	December 21, 2021
Scoutbook API Key? Scoutbook Bugs	8	251	March 18, 2024
Scoutbook API? Feature Assistant Extension	11	1646	October 5, 2021
Checking in: Read-Only API New Scoutbook Feature Requests	5	666	March 11, 2022

Trying to get in touch with the devs and leadership

Related topics