Users to my application use SSO to login (google/linkedin/facebook).
Then in the auth0 raw JSON I can see a link to their profile image.
For example:
https://lh3.googleusercontent.com/a/OILKFDSLKFJi7687IUHJKHK87687uHKJHK=s96-c
In my application users can interact with each other, and I want them to see each others profile images.
Am I allowed to use these links directly in the client?
This means each user will get delivered to their web browser other peoples profile image links, those links from Auth0. I will store those links on the users in my database for quick access of all members links.
Is this ok? Or are these links secret between users?