Opting for IndieAuth instead of Silo-Based Options
In my earlier post, I mentioned how the act of federating the Web can come from moving away from silos and towards the actual people who you'd want to sign into your site. Now a bit of reckoning has to come to play when we, as developers, are building things that make use of silos but don't actually use anything else from it.
On Greenfield Projects
When it comes to starting a new project; authentication and authorization comes to mind. Nowadays, we have solutions like Okta, Authy, Auth0 and what have you that do the work of multiplexing what it means to "sign in". Most of the time, all that one collects from these services is the following:
- E-Mail Address
Anything else usually falls under the hyper-specific category of data that the application will use or it's marketing fodder. Opting for IndieAuth here will have you reconsider what is it that you need from the user to make onboarding simple (and if it's something the user is even willing to share).
For Existing Projects
Let's say you already have a whole authentication system built out and it allows you to sign in using a bunch of silos, conventional methods or what have you. Adding IndieAuth would potentially be adding to the noise of options but with an effective migration pattern; one could promote it and still keep their other options. I have some projects in mind like GetTogether that could deeply benefit from allowing such a login approach. I hope that my issues turn into merge requests that can then be used to promote IndieAuth.
Let Me Help!
I'm so emboldened by the use cases of IndieAuth! I'm making an open proposal to any F/LOSS project that has authentication via OAuth2 to reach out to me or anyone in the IndieWeb dev chat to work on integrating IndieAuth. I want this to be something that not only helps people learn about your project but to also encourage people to own their identity providers. There's a lot of work to be done but this is one of the great first steps.
Permalink • Published about then updated by Jacky Alciné.