IndieWebCamp is a 2-day creator camp focused on growing the independent web

distributed-indieauth


distributed indieauth is a way of using indieauth authorization in a distributed manner across websites, including how to have your website explicitly delegate to an authorization server (such as indieauth.com) or act as its own authorization server.

Level 0: Enable web sign-in

Link your website with a rel=me link to a common OAuth provider such as Github or Twitter. Or you can put your email address or phone number on your site to use Persona or SMS-based authentication.

This will make login work with sites that implement RelMeAuth directly, and with sites that use an authorization API that supports RelMeAuth such as indieauth.com.

More

Level 1: Choose a public authorization server

Choose a hosted authorization server and link it from your homepage:

<link rel="authorization_endpoint" href="https://indieauth.com/auth">

Known public authorization servers

  • indieauth.com:
    <link rel="authorization_endpoint" href="https://indieauth.com/auth">
  • indieauth-openid:
    <link rel="authorization_endpoint" href="http://indieauth.id.cweiske.de/">

Level 2: Host your own authorization server

Find or create an authorization server and tell IndieAuth clients to use it when signing in.

Use an authorization service

Use an authorization service such as indieauth.com or indieauth-openid.

Link to it from your homepage as follows:

<link rel="authorization_endpoint" href="https://myauthserver.example.org/auth">

Create your own authorization endpoint

More

Level 3: Use other IndieWeb apps

In order to use IndieWeb apps such as OwnYourGram or Taproot to post to your own site, you effectively need to turn your site into an OAuth provider.

Use a token endpoint service

Such as https://tokens.indieauth.com

Create your own token endpoint

Create your micropub endpoint

More


Sites that support distributed IndieAuth

See Also

Contents