Hacker News new | ask | show | jobs
by immibis 177 days ago
No open thing can ever do that. By virtue of openness, there are many copies of open things whereas your requirement requires there to be just one.
1 comments
apitman 176 days ago
I think you could get pretty close with OAuth2. You could also have the frontend be a centralized app, but allow people to host their own servers. If the entity controlling the frontend goes off the rails you still have a pretty simple exit strategy.
link
immibis 176 days ago
OAuth2 is a failed protocol - it's more of a set of guidelines for vendors to implement proprietary authentication systems, all incompatible with each other.
link
apitman 175 days ago
There's nothing stopping you from building interoperable protocols on top of OAuth2. I've done it a couple times.

OpenID Connect is another example.

OAuth2 has some worts, but I think it's worth the tradeoffs.

link