EVE SSO scope review
EVE Scope Matrix
This matrix ties the WarpIntel mega-app modules to their EVE SSO scope lanes. It separates what can ship with public data or first-login publicData from the future read, corporation, fleet/SRP, and high-trust action upgrades that need feature-specific consent.
Top-level MVP modules represented in the same order as the public scorecard.
Modules whose current MVP lane can stay public, no-login, provider-gated, or publicData-only.
Modules with planned private read, organization read, fleet/SRP, or write/action upgrades.
Modules that reference optional action scopes and must stay separately reviewed.
Planned EVE scope references covered by this public-safe matrix.
This page and feed never start OAuth or contact CCP.
AI Intel Desk
No EVE SSO scope is needed for the current public analyzer MVP.
Full plan: Public/provider only; 0 planned EVE scope(s).- Owner Note
- AI provider enablement is separate from EVE SSO and stays feature-flagged.
- Boundary
- Public/no-login pasted input is not saved to account reports and private EVE data is excluded.
Fit Coach
Ask only when a signed-in pilot requests live skill, clone, implant, or fitting comparison.
Full plan: Personal read upgrade; 5 planned EVE scope(s).- Owner Note
- The public fit review remains usable without private skills.
- Boundary
- Fit review works without account skills, implants, tokens, or private character reads.
Loss Reviewer
Ask only when the user wants private killmail, ship, online, location, or fleet proof context.
Full plan: Personal read upgrade; 5 planned EVE scope(s).- Owner Note
- Public killmail review remains available without private EVE account reads.
- Boundary
- Public killmail data and pasted text stay advisory; private account reports require sign-in later.
Appraisal And Buyback
Ask when reconciliation needs private assets, wallets, contracts, corp finance, or reviewer evidence.
Full plan: Personal read upgrade; 29 planned EVE scope(s).- Owner Note
- Public appraisal and manual buyback intake stay advisory-first.
- Boundary
- Quotes and intake are advisory/manual; ISK movement, contract actions, and private corp data are not automated.
Market Command
Ask when a signed-in pilot wants private orders, wallet, contracts, jobs, or asset views.
Full plan: Personal read upgrade; 8 planned EVE scope(s).- Owner Note
- Public market checks and browser-local planning stay usable without account sync.
- Boundary
- Public market data and browser-local planning only; no wallet/order reads or trading automation.
Industry Lab And PI Planner
Ask when a pilot wants private jobs, assets, wallet context, mining history, or colony review.
Full plan: Personal read upgrade; 9 planned EVE scope(s).- Owner Note
- Industry and PI templates stay public/static until the user opts into private sync.
- Boundary
- Static/public planning only; private jobs, assets, wallet, and colony reads stay gated.
Navigation, Routes, Sovereignty, And Wormholes
Ask only when a user chooses location-aware, fleet-aware, or private ship-context views.
Full plan: Personal read upgrade; 5 planned EVE scope(s).- Owner Note
- Public maps, routes, sovereignty, and wormhole planning remain no-login.
- Boundary
- No character location, fleet position, or private shared-map data appears without explicit consent.
New Player, PvE, And Skill Planning
Ask only when a pilot requests live skill queue, clone, implant, or fitting readiness overlays.
Full plan: Personal read upgrade; 5 planned EVE scope(s).- Owner Note
- Guides and training flows remain public and static-data friendly.
- Boundary
- Guidance uses public/static assumptions; private skill queue data is not read.
Pilot, Corporation, And Alliance Profiles
Ask after a role or owner review confirms private character or corporation evidence is appropriate.
Full plan: Organization read upgrade; 43 planned EVE scope(s).- Owner Note
- Public profile and corp shell views remain separate from private member, wallet, role, and structure reads.
- Boundary
- Public identity and public activity only; private member, wallet, asset, role, and token data stay gated.
Alliance Ops Intake
Ask inside SRP, fleet, or corporation workflows after role review and before any private sync or action.
Full plan: High-trust action; 34 planned EVE scope(s).- Owner Note
- Manual intake and protected review queues stay usable before EVE SSO approval.
- Boundary
- Submissions are not public, and approvals, payouts, role sync, and Discord changes stay human-reviewed.
Reports, Export, And Account Data Rights
First login asks only for publicData so account reports can attach to the pilot identity.
Full plan: Public/provider only; 1 planned EVE scope(s).- Owner Note
- Account export/delete controls stay protected and exclude token ciphertext.
- Boundary
- Public exports are safe by default; account exports require sign-in and exclude token ciphertext.
EVE SSO Account And Permission Flow
Start with publicData, then request feature-specific read or action scopes only when a feature needs them.
Full plan: High-trust action; 48 planned EVE scope(s).- Owner Note
- The SSO system owns the staged consent plan; it should not bundle broad scopes into first login.
- Boundary
- First login stays publicData-only; private and write scopes require feature-specific consent.
Discord And Transactional Email
No EVE SSO scope is needed; Discord and email provider gates control activation.
Full plan: Public/provider only; 0 planned EVE scope(s).- Owner Note
- Provider credentials and live sends remain outside public pages and smoke logs.
- Boundary
- Bot tokens, provider keys, email delivery, role sync, and queue contents stay gated and protected.
Revenue, Ads, Support, And Growth
No EVE SSO scope is needed; Stripe, AdSense, growth, and privacy gates control activation.
Full plan: Public/provider only; 0 planned EVE scope(s).- Owner Note
- Payments, ads, and telemetry stay provider-gated and do not require private EVE reads.
- Boundary
- No paid feature unlocks are live; payment, ad, analytics, and verification details stay gated.
Ops, Monitoring, Backup, And Release Ledger
No EVE SSO scope is needed for public health, release, backup, and monitoring summaries.
Full plan: Public/provider only; 0 planned EVE scope(s).- Owner Note
- Protected ops exports remain admin-only and no-secret.
- Boundary
- Public pages show counts and links; protected exports require admin access and exclude secrets.
Fit Coach
Ask only when a signed-in pilot requests live skill, clone, implant, or fitting comparison.
5 read scope(s); 0 high-trust; 0 write/action.Loss Reviewer
Ask only when the user wants private killmail, ship, online, location, or fleet proof context.
5 read scope(s); 0 high-trust; 0 write/action.Appraisal And Buyback
Ask when reconciliation needs private assets, wallets, contracts, corp finance, or reviewer evidence.
29 read scope(s); 0 high-trust; 0 write/action.Market Command
Ask when a signed-in pilot wants private orders, wallet, contracts, jobs, or asset views.
8 read scope(s); 0 high-trust; 0 write/action.Industry Lab And PI Planner
Ask when a pilot wants private jobs, assets, wallet context, mining history, or colony review.
9 read scope(s); 0 high-trust; 0 write/action.Navigation, Routes, Sovereignty, And Wormholes
Ask only when a user chooses location-aware, fleet-aware, or private ship-context views.
5 read scope(s); 0 high-trust; 0 write/action.New Player, PvE, And Skill Planning
Ask only when a pilot requests live skill queue, clone, implant, or fitting readiness overlays.
5 read scope(s); 0 high-trust; 0 write/action.Pilot, Corporation, And Alliance Profiles
Ask after a role or owner review confirms private character or corporation evidence is appropriate.
43 read scope(s); 0 high-trust; 0 write/action.Alliance Ops Intake
Ask inside SRP, fleet, or corporation workflows after role review and before any private sync or action.
26 read scope(s); 8 high-trust; 8 write/action.EVE SSO Account And Permission Flow
Start with publicData, then request feature-specific read or action scopes only when a feature needs them.
39 read scope(s); 8 high-trust; 8 write/action.Private Corp Command Center
Ask only after corporation role review, owner approval, protected audit logging, and feature-specific consent.
26 read scope(s); 8 high-trust; 8 write/action.Visibility
Excluded from this public matrix, health snapshots, smoke logs, screenshots, and tracker summaries.
Starts Oauth
Excluded from this public matrix, health snapshots, smoke logs, screenshots, and tracker summaries.
Provider Calls
Excluded from this public matrix, health snapshots, smoke logs, screenshots, and tracker summaries.
Eve Tokens
Excluded from this public matrix, health snapshots, smoke logs, screenshots, and tracker summaries.
Private Eve Data
Excluded from this public matrix, health snapshots, smoke logs, screenshots, and tracker summaries.
Account Data
Excluded from this public matrix, health snapshots, smoke logs, screenshots, and tracker summaries.
Raw Submissions
Excluded from this public matrix, health snapshots, smoke logs, screenshots, and tracker summaries.
Protected Queue Contents
Excluded from this public matrix, health snapshots, smoke logs, screenshots, and tracker summaries.
Setup Packet Bodies
Excluded from this public matrix, health snapshots, smoke logs, screenshots, and tracker summaries.
Separate Project Accounts
Excluded from this public matrix, health snapshots, smoke logs, screenshots, and tracker summaries.
No-Secret Scope Rule
The public EVE scope matrix exposes curated app-module names, publicData/current scope lanes, future scope buckets, aggregate counts, route links, preview links, and owner-review notes only. It does not start OAuth, contact CCP, include EVE client credentials, expose access tokens, refresh tokens, private EVE data, account data, raw submissions, protected queue contents, hidden setup packet bodies, browser cookies, private logs, or separate-project account details.