Wanna Federate the Web? Stop Using Silos for Signing In

In the IndieWeb, there's a notion of using IndieAuth, an extension to OAuth2, to get into other services and control how authorization works there. It's an amazingly simple way to say "Hey, I'm Jacky. I want to log into Quill and give it permission to create and upload things to my site". That's how I wrote this post and how I interact with the Web with things like Omnibear in my browser or Monocle. If you want to learn more about how it works and its implications, check out Aaron's post about it on his site.

What about User Information?

OAuth2 was cool because if you knew the site you'd be fetching from in advance, then you'd get some bits of data. Because of the proliferation of Microformats2 among sites that use IndieAuth, you're likely, as an application developer, going to pull information from their homepage. There's conversations about how to send back potentially specific information but it highlights something interesting about how apps online use data. They rarely create new information - they ask for permission to mutate something else in a remote location. The IndieWeb turns that on its head by pushing everything back to your site.

Services that Benefit

Things like Mastodon, Pleroma or PixelFed can provide logic to allow people to sign into other services. We don't have many "federated" services that either use these platforms for identity or talk back into them but we should! I can see something like GetTogether leveraging this to make not only user authentication simple but if they detect an ActivityPub account; they can do auto-posting and inviting of people. All of the social interaction we have in silos but in a truly distributed and flexible way. Some more cases include:

  • Using Mastodon to sign into your PixelFed account.
  • Using Pleroma to sign into your instance's information at fediverse.network.
  • Using PixelFed to sign into an art selling platform like DeviantArt.
  • Using your own site to sign into things like Liberapay or PeerTube.

The use cases are endless and give people more autonomy over their information and how they choose to interact with you. Go forth and build!