indieauth-for-login

From IndieWeb
Jump to: navigation, search

IndieAuth for login is a user flow and protocol for web applications to implement user login via an authorization server. The user chooses an authorization server by linking to it from their home page.

Contents

Authorization Process

indieauth-login-flow.png

  1. User enters their personal web address in the login form of the web application and clicks "Log in"
  2. Web application discovers the authorization endpoint by fetching the user's homepage
  3. Web application redirects the user's browser to the authorization endpoint
  4. Authorization endpoint verifies the user, e.g. by logging in
  5. Authorization endpoint redirects the browser back to the web application, including a code
  6. Web application verifies the code directly with the authorization endpoint
  7. User is logged into the web application

How to Specify an Authorization Endpoint

Applications will check the URL entered as the identity for a link tag with a rel value of "authorization_endpoint". You can place this code on your home page to delegate to a specific authorization endpoint of your choosing.

<link rel="authorization_endpoint" href="http://indieauth.example.org/">

Authorization Services


See Also

Personal tools
Namespaces
Variants
Actions
Recent & Upcoming
Resources
Toolbox