### Explanation Social media platforms and web services frequently integrate with each other, creating technical connections that can be exploited for SOCMINT purposes. These integrations come in several forms: - **Single Sign-On (SSO)**: Platforms offer "Sign in with Google/Facebook/Apple" flows that link accounts across services through shared authentication tokens and unique identifiers - **Embedded widgets**: Third-party elements like Disqus comments, donation widgets, or embedded media players carry user identity across site boundaries - **API integrations**: Users connect services to each other — Spotify to Facebook, GitHub to LinkedIn, Instagram to Twitter — enabling automatic data sharing and cross-platform activity traces Each of these mechanisms creates a verifiable digital link between otherwise separate accounts, often exposing identifiers (email, user ID, profile URL) that the user did not intend to make public. It is worth noting that integration can also be viewed more broadly — share buttons, cross-posting features, and social plugins are ubiquitous on the web. However, the mere presence of a "Share to X" button does not mean the user has actually used it or that it has left any traceable connection. The investigative value lies specifically in cases where an integration was actively used and produced a technical artifact linking two accounts or identities. ### Examples {{to be filled after research}} ### Types - business - technical ### See also - [[SOWEL-6. Reusing Personal Data]] - [[SOWEL-15. Tolerating Privacy Gaps]] ### Typical techniques - [[SOTL-1.7. Conduct Security Audit for Exposure of Information]] - [[SOTL-2.2. Search for Accounts on Other Platforms]] - [[SOTL-22.1. Check Commits of Source Code]]