For a logged in user, is there a unique_id etc. that the canister can deduct about this user’s login, which is never visible to the user?
Hi @Mercury
What do you need such an id for? Or rather, how would it be different from the user principal?
The principal issued by II after sign-in to your application is not shown to the users (unless you do so explicitly) and is unique per user.
1 Like
Hi @frederikrothenberger, I appreciate your follow up. Well, if II never exposes user principal, and a malicious user has no way of deducting it, that’s what I needed, great, it serves the purpose. Just like IC provides untracability, I have the same need for composing a number of networks outside IC with the users of IC, hence the need for an untracable id. Hyrum’s Law applies ruthlessly especially in the crypto world, so I’m being cautious in what’s exposed. Cheers.
Wait, I never said it’s not exposed! It’s just not shown. But a malicious user absolutely gets to know their user principal if they want to.
If you describe your use-case in more detail, maybe we can give you an actual recommendation rather than making vague suggestions… 
Hmm, alright, I’m ready to go down the rabbit hole. DM on its way