facebook - Is it okay to configure Parse User with public "get" class-level permission? -
i'm in process of designing data model ios application i'm using parse backend (first time using parse) every user of application has both private data should readable , writable owner of data , public data should readable everyone. i'm considering keeping publicly readable data stored in parse's built in user object , private data in custom object. there downside this? app uses facebook login exclusively and, thus, when user created authdata field populated "facebook: 12345..." is having accessible security problem? in scenario user object (my public data) need "get" not "find" permissions, need readable knows objectid. rules out dumping entire user's table. i've read through documentation , "sensitivity" of each user's authdata wasn't clear. i realize if using traditional username/password scheme problem, facebook login? help/tips appreciated. edit: printed entire user object console on test c...