Hello - wanted to clarify something I saw discussed in documentation and other questions. It seems that there shouldn’t be a big concern exposing a customer’s user ID to the customer themselves. Is there an issue with other people being able to discover a customer’s ID?
For example, we have IDs for our application users. These users may (in the future) interact with each other, for example user A might send a message to user B. Would it be a problem if the IDs that we use to enable identifying the target of the message are the same IDs we use to identify a user to RC? In other words, what would user A be able to do if they knew the customer ID for user B? Or: given our public API key (which is compiled into the app) and a customer’s ID, what information and operations are exposed?
It would be great if there was a RC security whitepaper or something like that which went over all the security considerations for implementation somewhere in the doc hub...maybe i’m missing it?
