Comment by RealCodingOtaku

11 hours ago

Slight tangent.

The only way to preserve privacy while having a central and easy authentication mechanism I can think of is to use IndieAuth[0] which is built on top of OAuth 2.0.

Of course, you will need to be your own provider, using an IndieAuth provider service defeats the purpose, which is what I see most IndieWeb devs are doing.

You will need to own a (sub)domain though.

[0] https://indieweb.org/IndieAuth?redirected=IndieAuth

2 comments

RealCodingOtaku

snorremd 9 hours ago

WebFinger + self-hosted Oauth provider is indeed nice. Unfortunately not widely available.

apitman 9 hours ago

Take a look at Google's FedCM protocol as well