Thank you for your reply.
Yes, your description is correct.
Actually, at first I configured my app with RO access and permission to request email address. I didn’t add x_auth_access_type parameter and things worked well. Then I overrided access level with W and it is not asked the email permission and I couldn’t get it.
While trying to find what did I do wrong, I also tested case exactly as you said. I mean I changed app permission to RW access and I overrided with R. Result is same.
I guess when authentication service sees the x_auth_access_type parameter in request, it completely overrides the app settings and acting according to value of parameter. This completely overriding also includes the email permission sadly. It shouldn’t override the email permission or it should give me an option to indicate I also want email permission while I’m using x_auth_access_type parameter. For example, field would be set to multiple values such as x_auth_access_type :[“write”, “email”] or would be set to comma seperated string such as x_auth_access_type : “write,email” so it would also give email permission to me.
Can you confirm is this the case, or help me to find out what I’m thinking and doing wrong?
Thank you very much.