home.social

#fedcm — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #fedcm, aggregated by home.social.

  1. One thing I really like about ATProto/Atmosphere is the concept of a PDS, or Personal Data Server, storing all your account data.

    The other day someone announced bookhive.buzz, basically ATProto take on bookwyrm.social, but unlike Bookwyrm, which requires you to create a separate account, Bookhive lets you log in with your PDS, most commonly your Bluesky account.

    That's actually pretty neat.

    And we could have something similar with Federated Credential Management (FedCM).

    developer.mozilla.org/en-US/do

    Here's a GitHub issue requesting this for Mastodon:

    github.com/mastodon/mastodon/i

    #fediverse #mastodon #FedCM #indieauth #SocialMedia #ATProto #PDS

  2. One thing I really like about ATProto/Atmosphere is the concept of a PDS, or Personal Data Server, storing all your account data.

    The other day someone announced bookhive.buzz, basically ATProto take on bookwyrm.social, but unlike Bookwyrm, which requires you to create a separate account, Bookhive lets you log in with your PDS, most commonly your Bluesky account.

    That's actually pretty neat.

    And we could have something similar with Federated Credential Management (FedCM).

    developer.mozilla.org/en-US/do

    Here's a GitHub issue requesting this for Mastodon:

    github.com/mastodon/mastodon/i

    #fediverse #mastodon #FedCM #indieauth #SocialMedia #ATProto #PDS

  3. One thing I really like about ATProto/Atmosphere is the concept of a PDS, or Personal Data Server, storing all your account data.

    The other day someone announced bookhive.buzz, basically ATProto take on bookwyrm.social, but unlike Bookwyrm, which requires you to create a separate account, Bookhive lets you log in with your PDS, most commonly your Bluesky account.

    That's actually pretty neat.

    And we could have something similar with Federated Credential Management (FedCM).

    developer.mozilla.org/en-US/do

    Here's a GitHub issue requesting this for Mastodon:

    github.com/mastodon/mastodon/i

    #fediverse #mastodon #FedCM #indieauth #SocialMedia #ATProto #PDS

  4. One thing I really like about ATProto/Atmosphere is the concept of a PDS, or Personal Data Server, storing all your account data.

    The other day someone announced bookhive.buzz, basically ATProto take on bookwyrm.social, but unlike Bookwyrm, which requires you to create a separate account, Bookhive lets you log in with your PDS, most commonly your Bluesky account.

    That's actually pretty neat.

    And we could have something similar with Federated Credential Management (FedCM).

    developer.mozilla.org/en-US/do

    Here's a GitHub issue requesting this for Mastodon:

    github.com/mastodon/mastodon/i

    #fediverse #mastodon #FedCM #indieauth #SocialMedia #ATProto #PDS

  5. One thing I really like about ATProto/Atmosphere is the concept of a PDS, or Personal Data Server, storing all your account data.

    The other day someone announced bookhive.buzz, basically ATProto take on bookwyrm.social, but unlike Bookwyrm, which requires you to create a separate account, Bookhive lets you log in with your PDS, most commonly your Bluesky account.

    That's actually pretty neat.

    And we could have something similar with Federated Credential Management (FedCM).

    developer.mozilla.org/en-US/do

    Here's a GitHub issue requesting this for Mastodon:

    github.com/mastodon/mastodon/i

    #fediverse #mastodon #FedCM #indieauth #SocialMedia #ATProto #PDS

  6. Have you looked at FedCM yet?

    Here is short video explaining what it is, and why the idp-registration feature could matter a lot for decentralized identity and login UX.

    Learn more at liquid.surf/fedcm

    #FedCM #Identity #OpenWeb #DecentralizedWeb #indieweb

  7. Have you looked at FedCM yet?

    Here is short video explaining what it is, and why the idp-registration feature could matter a lot for decentralized identity and login UX.

    Learn more at liquid.surf/fedcm

    #FedCM #Identity #OpenWeb #DecentralizedWeb #indieweb

  8. Have you looked at FedCM yet?

    Here is short video explaining what it is, and why the idp-registration feature could matter a lot for decentralized identity and login UX.

    Learn more at liquid.surf/fedcm

    #FedCM #Identity #OpenWeb #DecentralizedWeb #indieweb

  9. Have you looked at FedCM yet?

    Here is short video explaining what it is, and why the idp-registration feature could matter a lot for decentralized identity and login UX.

    Learn more at liquid.surf/fedcm

    #FedCM #Identity #OpenWeb #DecentralizedWeb #indieweb

  10. Have you looked at FedCM yet?

    Here is short video explaining what it is, and why the idp-registration feature could matter a lot for decentralized identity and login UX.

    Learn more at liquid.surf/fedcm

    #FedCM #Identity #OpenWeb #DecentralizedWeb #indieweb

  11. This is pretty darn cool. I don't know a lot about IdP registration, but it looks like this could improve the Sign-In flow in decentralized ecosystems.

    Did I copy pasta a lot of that to try and entice you to watch this video? Yes, yes I did.

    spectra.video/w/nZsKQ6jJkwnZ62

    #idp #decentralization #signin #fedcm

  12. This is pretty darn cool. I don't know a lot about IdP registration, but it looks like this could improve the Sign-In flow in decentralized ecosystems.

    Did I copy pasta a lot of that to try and entice you to watch this video? Yes, yes I did.

    spectra.video/w/nZsKQ6jJkwnZ62

    #idp #decentralization #signin #fedcm

  13. This is pretty darn cool. I don't know a lot about IdP registration, but it looks like this could improve the Sign-In flow in decentralized ecosystems.

    Did I copy pasta a lot of that to try and entice you to watch this video? Yes, yes I did.

    spectra.video/w/nZsKQ6jJkwnZ62

    #idp #decentralization #signin #fedcm

  14. This is pretty darn cool. I don't know a lot about IdP registration, but it looks like this could improve the Sign-In flow in decentralized ecosystems.

    Did I copy pasta a lot of that to try and entice you to watch this video? Yes, yes I did.

    spectra.video/w/nZsKQ6jJkwnZ62

    #idp #decentralization #signin #fedcm

  15. This is pretty darn cool. I don't know a lot about IdP registration, but it looks like this could improve the Sign-In flow in decentralized ecosystems.

    Did I copy pasta a lot of that to try and entice you to watch this video? Yes, yes I did.

    spectra.video/w/nZsKQ6jJkwnZ62

    #idp #decentralization #signin #fedcm

  16. Entendi corretamente?

    O FedCM usa a própria API do navegador pra criar pop-up de login sem ter que enviar cookies ou sessão pras plataformas de login social?

    Dá pra validar o usuário no IdP institucional sem expor tanto as contas aos rastreadores dos sites

    developer.chrome.com/docs/iden

    #fedCM #duvida

  17. Entendi corretamente?

    O FedCM usa a própria API do navegador pra criar pop-up de login sem ter que enviar cookies ou sessão pras plataformas de login social?

    Dá pra validar o usuário no IdP institucional sem expor tanto as contas aos rastreadores dos sites

    developer.chrome.com/docs/iden

    #fedCM #duvida

  18. Entendi corretamente?

    O FedCM usa a própria API do navegador pra criar pop-up de login sem ter que enviar cookies ou sessão pras plataformas de login social?

    Dá pra validar o usuário no IdP institucional sem expor tanto as contas aos rastreadores dos sites

    developer.chrome.com/docs/iden

    #fedCM #duvida

  19. Entendi corretamente?

    O FedCM usa a própria API do navegador pra criar pop-up de login sem ter que enviar cookies ou sessão pras plataformas de login social?

    Dá pra validar o usuário no IdP institucional sem expor tanto as contas aos rastreadores dos sites

    developer.chrome.com/docs/iden

    #fedCM #duvida

  20. Entendi corretamente?

    O FedCM usa a própria API do navegador pra criar pop-up de login sem ter que enviar cookies ou sessão pras plataformas de login social?

    Dá pra validar o usuário no IdP institucional sem expor tanto as contas aos rastreadores dos sites

    developer.chrome.com/docs/iden

    #fedCM #duvida

  21. if you're interested in #atproto getting a better sign-in flow in browsers, please give this a thumbs up. #FedCM also if u know more about how this would benefit you, leave a comment following their template! github.com/web-platform...

    Federated credential managemen...

  22. #FedCM is a proposed standard API for frictionless, privacy-preserving 𝐟𝐞𝐝𝐞𝐫𝐚𝐭𝐞𝐝 𝐥𝐨𝐠𝐢𝐧 on the web.

    👉 Simplifies login for both 𝐮𝐬𝐞𝐫𝐬 & 𝐝𝐞𝐯𝐞𝐥𝐨𝐩𝐞𝐫𝐬.
    ✅ Already supported in 𝐂𝐡𝐫𝐨𝐦𝐢𝐮𝐦 𝐛𝐫𝐨𝐰𝐬𝐞𝐫𝐬.

    📰 Dive deeper in this #InfoQ article by Dan Moore: bit.ly/4n9BKcY

    #WebDevelopment #SoftwareArchitecture #SoftwareDevelopment

  23. #FedCM is a proposed standard API for frictionless, privacy-preserving 𝐟𝐞𝐝𝐞𝐫𝐚𝐭𝐞𝐝 𝐥𝐨𝐠𝐢𝐧 on the web.

    👉 Simplifies login for both 𝐮𝐬𝐞𝐫𝐬 & 𝐝𝐞𝐯𝐞𝐥𝐨𝐩𝐞𝐫𝐬.
    ✅ Already supported in 𝐂𝐡𝐫𝐨𝐦𝐢𝐮𝐦 𝐛𝐫𝐨𝐰𝐬𝐞𝐫𝐬.

    📰 Dive deeper in this #InfoQ article by Dan Moore: bit.ly/4n9BKcY

    #WebDevelopment #SoftwareArchitecture #SoftwareDevelopment

  24. #FedCM is a proposed standard API for frictionless, privacy-preserving 𝐟𝐞𝐝𝐞𝐫𝐚𝐭𝐞𝐝 𝐥𝐨𝐠𝐢𝐧 on the web.

    👉 Simplifies login for both 𝐮𝐬𝐞𝐫𝐬 & 𝐝𝐞𝐯𝐞𝐥𝐨𝐩𝐞𝐫𝐬.
    ✅ Already supported in 𝐂𝐡𝐫𝐨𝐦𝐢𝐮𝐦 𝐛𝐫𝐨𝐰𝐬𝐞𝐫𝐬.

    📰 Dive deeper in this #InfoQ article by Dan Moore: bit.ly/4n9BKcY

    #WebDevelopment #SoftwareArchitecture #SoftwareDevelopment

  25. #FedCM is a proposed standard API for frictionless, privacy-preserving 𝐟𝐞𝐝𝐞𝐫𝐚𝐭𝐞𝐝 𝐥𝐨𝐠𝐢𝐧 on the web.

    👉 Simplifies login for both 𝐮𝐬𝐞𝐫𝐬 & 𝐝𝐞𝐯𝐞𝐥𝐨𝐩𝐞𝐫𝐬.
    ✅ Already supported in 𝐂𝐡𝐫𝐨𝐦𝐢𝐮𝐦 𝐛𝐫𝐨𝐰𝐬𝐞𝐫𝐬.

    📰 Dive deeper in this #InfoQ article by Dan Moore: bit.ly/4n9BKcY

    #WebDevelopment #SoftwareArchitecture #SoftwareDevelopment

  26. is a proposed standard API for frictionless, privacy-preserving 𝐟𝐞𝐝𝐞𝐫𝐚𝐭𝐞𝐝 𝐥𝐨𝐠𝐢𝐧 on the web.

    👉 Simplifies login for both 𝐮𝐬𝐞𝐫𝐬 & 𝐝𝐞𝐯𝐞𝐥𝐨𝐩𝐞𝐫𝐬.
    ✅ Already supported in 𝐂𝐡𝐫𝐨𝐦𝐢𝐮𝐦 𝐛𝐫𝐨𝐰𝐬𝐞𝐫𝐬.

    📰 Dive deeper in this article by Dan Moore: bit.ly/4n9BKcY

  27. Came across #FedCM and immediately became suspicious: #privacy preserving federated #identity management. By #Google?! I just don't buy it.

    Remember these are the same guys who killed #uBlock on chrome-based browsers.

    I appreciate any #help or #insight on this!

    privacysandbox.google.com/cook

  28. Came across #FedCM and immediately became suspicious: #privacy preserving federated #identity management. By #Google?! I just don't buy it.

    Remember these are the same guys who killed #uBlock on chrome-based browsers.

    I appreciate any #help or #insight on this!

    privacysandbox.google.com/cook

  29. Awesome to see Shop using #FedCM in the wild!

  30. Awesome to see Shop using #FedCM in the wild!

  31. Awesome to see Shop using #FedCM in the wild!

  32. Awesome to see Shop using #FedCM in the wild!

  33. Awesome to see Shop using #FedCM in the wild!

  34. What's a good example for #FedCM in the wild? Are there any yet?

    FedCM=Federated Credential Management developer.mozilla.org/en-US/do

  35. What's a good example for #FedCM in the wild? Are there any yet?

    FedCM=Federated Credential Management developer.mozilla.org/en-US/do

  36. What's a good example for #FedCM in the wild? Are there any yet?

    FedCM=Federated Credential Management developer.mozilla.org/en-US/do

  37. What's a good example for #FedCM in the wild? Are there any yet?

    FedCM=Federated Credential Management developer.mozilla.org/en-US/do

  38. What's a good example for #FedCM in the wild? Are there any yet?

    FedCM=Federated Credential Management developer.mozilla.org/en-US/do

  39. Indie social sign-in could go mainstream
    blog.erlend.sh/indie-social-si
    submitted by erlend_sh to fediverse3 points | 0 commentshttps://blog.erlend.sh/indie-social-sign-in-could-go-mainstreamBack in June I wrote about an exciting confluence of digital auth tech:
    (1) The commodification of #OIDC infrastructure, (2) the emergence of #FedCM, (3) and the compatibility of both with #indieauth .
    In short, it is now easier than ever to log into web applications using

  40. Indie social sign-in could go mainstream
    blog.erlend.sh/indie-social-si
    submitted by erlend_sh to fediverse3 points | 0 commentshttps://blog.erlend.sh/indie-social-sign-in-could-go-mainstreamBack in June I wrote about an exciting confluence of digital auth tech:
    (1) The commodification of #OIDC infrastructure, (2) the emergence of #FedCM, (3) and the compatibility of both with #indieauth .
    In short, it is now easier than ever to log into web applications using

  41. Indie social sign-in could go mainstream
    blog.erlend.sh/indie-social-si
    submitted by erlend_sh to fediverse3 points | 0 commentshttps://blog.erlend.sh/indie-social-sign-in-could-go-mainstreamBack in June I wrote about an exciting confluence of digital auth tech:
    (1) The commodification of #OIDC infrastructure, (2) the emergence of #FedCM, (3) and the compatibility of both with #indieauth .
    In short, it is now easier than ever to log into web applications using

  42. Back in June I wrote about an exciting confluence of digital auth tech:

    (1) The commodification of #OIDC infrastructure, (2) the emergence of #FedCM, (3) and the compatibility of both with #indieauth .

    In short, it is now easier than ever to log into web applications using your own website as an identity provider. Or at least, it would be, if your favorite web apps supported these agency-enhancing technologies.

    blog.erlend.sh/indie-social-si

    #opensource #indieweb #identity

  43. Back in June I wrote about an exciting confluence of digital auth tech:

    (1) The commodification of #OIDC infrastructure, (2) the emergence of #FedCM, (3) and the compatibility of both with #indieauth .

    In short, it is now easier than ever to log into web applications using your own website as an identity provider. Or at least, it would be, if your favorite web apps supported these agency-enhancing technologies.

    blog.erlend.sh/indie-social-si

    #opensource #indieweb #identity

  44. Back in June I wrote about an exciting confluence of digital auth tech:

    (1) The commodification of #OIDC infrastructure, (2) the emergence of #FedCM, (3) and the compatibility of both with #indieauth .

    In short, it is now easier than ever to log into web applications using your own website as an identity provider. Or at least, it would be, if your favorite web apps supported these agency-enhancing technologies.

    blog.erlend.sh/indie-social-si

    #opensource #indieweb #identity

  45. Back in June I wrote about an exciting confluence of digital auth tech:

    (1) The commodification of #OIDC infrastructure, (2) the emergence of #FedCM, (3) and the compatibility of both with #indieauth .

    In short, it is now easier than ever to log into web applications using your own website as an identity provider. Or at least, it would be, if your favorite web apps supported these agency-enhancing technologies.

    blog.erlend.sh/indie-social-si

    #opensource #indieweb #identity

  46. Back in June I wrote about an exciting confluence of digital auth tech:

    (1) The commodification of #OIDC infrastructure, (2) the emergence of #FedCM, (3) and the compatibility of both with #indieauth .

    In short, it is now easier than ever to log into web applications using your own website as an identity provider. Or at least, it would be, if your favorite web apps supported these agency-enhancing technologies.

    blog.erlend.sh/indie-social-si

    #opensource #indieweb #identity

  47. Anyone interested in single sign-on / #SSO? Want a new toy to play with? I've been experimenting with it recently, and now I've got something to share: an experimental demo of how a "Sign in with the Fediverse" mechanism might work.

    If you have a Mastodon or Hubzilla account, or an IndieAuth-style self-hosted identity, I'd like to invite you to try and sign in to my test site at login.mythik.co.uk.

    Headline features:
    • User authentication/authorization based on the Ory tools.
    • Supports signing in using an existing Fediverse (or other) account - or one you host yourself
    • Open source - well, not yet, but it could be, if people are interested in it
    • Written by a non-expert! Woefully insecure! All manner of attacks, just waiting to be found! Invite your security expert friends to the party, and laugh together at the n00b! Fun for all the family!

    Supported identity providers include:

    (There's a chance Streams might work, too.)

    Protocols supported:

    If you can get it to work - share a screenshot and let me know what you think!

    (I'll try to keep this running for a while, but I can't guarantee it - partly because I haven't finished trying to attack it yet. If I have to take it down for some reason, I'll edit this post to say so.)
  48. Anyone interested in single sign-on / #SSO? Want a new toy to play with? I've been experimenting with it recently, and now I've got something to share: an experimental demo of how a "Sign in with the Fediverse" mechanism might work.

    If you have a Mastodon or Hubzilla account, or an IndieAuth-style self-hosted identity, I'd like to invite you to try and sign in to my test site at login.mythik.co.uk.

    Headline features:
    • User authentication/authorization based on the Ory tools.
    • Supports signing in using an existing Fediverse (or other) account - or one you host yourself
    • Open source - well, not yet, but it could be, if people are interested in it
    • Written by a non-expert! Woefully insecure! All manner of attacks, just waiting to be found! Invite your security expert friends to the party, and laugh together at the n00b! Fun for all the family!

    Supported identity providers include:

    (There's a chance Streams might work, too.)

    Protocols supported:

    If you can get it to work - share a screenshot and let me know what you think!

    (I'll try to keep this running for a while, but I can't guarantee it - partly because I haven't finished trying to attack it yet. If I have to take it down for some reason, I'll edit this post to say so.)
  49. Anyone interested in single sign-on / #SSO? Want a new toy to play with? I've been experimenting with it recently, and now I've got something to share: an experimental demo of how a "Sign in with the Fediverse" mechanism might work.

    If you have a Mastodon or Hubzilla account, or an IndieAuth-style self-hosted identity, I'd like to invite you to try and sign in to my test site at login.mythik.co.uk.

    Headline features:
    • User authentication/authorization based on the Ory tools.
    • Supports signing in using an existing Fediverse (or other) account - or one you host yourself
    • Open source - well, not yet, but it could be, if people are interested in it
    • Written by a non-expert! Woefully insecure! All manner of attacks, just waiting to be found! Invite your security expert friends to the party, and laugh together at the n00b! Fun for all the family!

    Supported identity providers include:

    (There's a chance Streams might work, too.)

    Protocols supported:

    If you can get it to work - share a screenshot and let me know what you think!

    (I'll try to keep this running for a while, but I can't guarantee it - partly because I haven't finished trying to attack it yet. If I have to take it down for some reason, I'll edit this post to say so.)
  50. Just learned about the "Federated Credential Management API" #FedCM - a new proposal that adds browser support for managing delegated authentication workflows #OAuth #OIDC. It already looks great, but could be expanded with user-centric identity provider registration for more decentralization, as explained here: liquid.surf/2024/2/7/Can-FedCM