Hello! This is a discussion thread for the proposed FEP-61cf: The OpenWebAuth Protocol. Please use this thread to discuss the proposed FEP and any potential problems or improvements that can be addressed. Summary OpenWebAuth is the “single sign-on” mechanism used by Hubzilla, (streams) and other related projects. It allows a browser-based user to log in to services across the Fediverse using a single identity. Once logged in, they can be recognised by other OpenWebAuth-compatible services, ...

This is the proposed FEP-61cf: The OpenWebAuth Protocol. OpenWebAuth is the “single sign-on” mechanism used by Hubzilla, (streams) and other related projects. It allows a browser-based user to log in to services across the Fediverse using a single identity. Once logged in, they can be recognised by other OpenWebAuth-compatible services, …

  • Ananace@lemmy.ananace.dev
    4·
    9 months ago

    This looks really odd in relation to other fediverse software; Why /magic and required to be on the root of the domain? Why hard-require routing the domain part of the user ID when .well-known/webfinger exists? Why is there a X-Open-Web-Auth header which the spec only describes as “its purpose is unclear from the code”?
    So many questions.

    I definitely like the idea of distributed sign-in, Solid did a decent work of that many years ago after all. This particular proposal just looks rather odd.

    • 0x1C3B00DA@kbin.socialOP
      2·
      9 months ago

      The author wrote this FEP by reverse engineering the Hubzilla implementation. The point of proposing it is to find and answer questions like these.