Comment by immibis

1 month ago

No open thing can ever do that. By virtue of openness, there are many copies of open things whereas your requirement requires there to be just one.

I think you could get pretty close with OAuth2. You could also have the frontend be a centralized app, but allow people to host their own servers. If the entity controlling the frontend goes off the rails you still have a pretty simple exit strategy.

  • OAuth2 is a failed protocol - it's more of a set of guidelines for vendors to implement proprietary authentication systems, all incompatible with each other.

    • There's nothing stopping you from building interoperable protocols on top of OAuth2. I've done it a couple times.

      OpenID Connect is another example.

      OAuth2 has some warts, but I think it's worth the tradeoffs.