22 lines
No EOL
1.5 KiB
Text
22 lines
No EOL
1.5 KiB
Text
// Module included in the following assemblies:
|
|
//
|
|
// server_admin/topics/users.adoc
|
|
|
|
[id="ref-personal-data-collected_{context}"]
|
|
= Personal data collected by {project_name}
|
|
|
|
By default, {project_name} collects the following data:
|
|
|
|
* Basic user profile data, such as the user email, first name, and last name.
|
|
|
|
* Basic user profile data used for social accounts and references to the social account when using a social login.
|
|
|
|
* Device information collected for audit and security purposes, such as the IP address, operating system name, and the browser name.
|
|
|
|
The information collected in {project_name} is highly customizable. The following guidelines apply when making customizations:
|
|
|
|
* Registration and account forms can contain custom fields, such as birthday, gender, and nationality. An administrator can configure {project_name} to retrieve data from a social provider or a user storage provider such as LDAP.
|
|
|
|
* {project_name} collects user credentials, such as password, OTP codes, and WebAuthn public keys. This information is encrypted and saved in a database, so it is not visible to {project_name} administrators. Each type of credential can include non-confidential metadata that is visible to administrators such as the algorithm that is used to hash the password and the number of hash iterations used to hash the password.
|
|
|
|
* With authorization services and UMA support enabled, {project_name} can hold information about some objects for which a particular user is the owner. |