Hacker News new | ask | show | jobs
by mynameismonkey 1318 days ago
I run three services (Mastodon, Pixelfed, WriteFreely) and would like to have my community use one set of credentials on all three (and any other service they would like to) - is this what I'm understanding is the intent here? I want to run more services but I simply cannot stomach yet more credentials.
2 comments
flanked-evergl 1318 days ago
Maybe this helps:

- https://solidproject.org/TR/protocol#identity

- https://solidproject.org/faqs#webid

- https://solidproject.org/faqs#fewer_passwords

> Does Solid mean we won’t need so many passwords?

> Yes. When you use Solid, you only need to login to your Identity Provider. You can then use applications that interact with your Pod without logging in each of them individually, which is (in our opinion) simpler than having to create accounts on each and every service. However, you will still have to manage what data you would like to share with each application.

link
mynameismonkey 1318 days ago
> Yes. When you use Solid, you only need to login to your Identity Provider.

Maybe I'm not understanding your direction here, but I'm specifically looking for an Identity Provider service to auth ActivityPub service users.

link
Lws803 1318 days ago
That is right :) one credential / account for all instances, we function as third party OAuth provider, it's possible to integrate as long as your platform can integrate allows authenticating through OAuth. We offer a few other features as well but they're not readily supported by Mastodon yet atm, ideally we'd love to centralize user relationships as well so that you won't have to rebuild your friends and followers list on every platform.
link
ISL 1318 days ago
Centralizing the decentralized... what's old is new again?

Seems like the centralization of relationships and credentials ought to be client-side, or a portable protocol all its own, so we don't repeat the mistake of centralizing the most-important data.

link
Lws803 1318 days ago
> Centralizing the decentralized... what's old is new again?

haha you're not wrong, but imo this is a critical part to centralize though. I haven't seen an easy to use (wallet not required) and trusted solution yet for decentralizing auth. Maybe it's underway and I'd be happy to adopt that once it's good.

link
mawise 1318 days ago
IndieAuth[1] is a slick DNS-based approach. Maybe offering that as a service would be a nice alternative. I point my DNS to you, and you handle authentication for everything that uses IndieAuth. If you go away or I don't like what you're doing then I can point my DNS to someone else offering that service and I retain the same DNS identity, and ability to use it to login anywhere I've set it up as my identity.

IndieAuth.com[2] sort of does this already, but it delegates to a "social" login (Facebook/Twitter/Github/Google/etc).

[1]: https://indieweb.org/IndieAuth

[2]: https://indieauth.com/

link
ISL 1318 days ago
One can readily argue that it is simultaneously the most-important part to decentralize. Identity and personal-network are essential to a person's function in modern society.
link
mynameismonkey 1318 days ago
do you plan on a paid white label option?
link
Lws803 1318 days ago
Hmm not sure if I'm getting this right, do you mean white labelling Soul's authentication? To allow for rebranding?
link
mynameismonkey 1318 days ago
yep, I'd like to offer your service @mydomain
link
Lws803 1318 days ago
That might be a possibility (it's not supported now though, we're still really really early stage) but I'm not opposed to that suggestion. This would work well if your network is pretty established already and folks trust your platform instead of trusting the authenticator first.
link
mynameismonkey 1316 days ago
it's around 16,ooo (and growing thanks to the twitter kerfuffle) - very trusted in a small niche
link