IndieWebCamp SF 2015: December 3, 2015!


distributed indieauth is a way of using indieauth authorization in a distributed manner across websites, including how to have your website explicitly delegate to an authorization server (such as or act as its own authorization server.

Level 0: Enable web sign-in

Link your website with a rel=me link to a common OAuth provider such as Github or Twitter. Or you can put your email address or phone number on your site to use Persona or SMS-based authentication.

This will make login work with sites that implement RelMeAuth directly, and with sites that use an authorization API that supports RelMeAuth such as


Level 1: Choose a public authorization server

Choose a hosted authorization server and link it from your homepage:

<link rel="authorization_endpoint" href="">

Public authorization servers

    <link rel="authorization_endpoint" href="">
  • indieauth-openid:
    <link rel="authorization_endpoint" href="">
    <link rel="authorization_endpoint" href=">

Level 2: Host your own authorization server

Find or create an authorization server and tell IndieAuth clients to use it when signing in. The server has to implement the IndieAuthProtocol.

Use an authorization service

Use an authorization service such as or indieauth-openid.

Link to it from your homepage as follows:

<link rel="authorization_endpoint" href="">

Create your own authorization endpoint

Level 3: Use other IndieWeb apps

In order to use IndieWeb apps such as OwnYourGram or Taproot to post to your own site, you effectively need to turn your site into an OAuth provider.

Use a token endpoint service

Such as

Create your own token endpoint

Create your micropub endpoint


Sites that support distributed IndieAuth

See Also