2013/Auth Jam Session

From IndieWeb

notes at: https://etherpad.mozilla.org/indiewebcamp-indieauth

Indie Auth Jam


  • Any problems with IndieAuth and your site?
    • Rob Lord: having problems with IndieAuth as of 2013-06-22 - couldn't log into IndieWebCamp. Possible cause: rel="me nofollow" or rel="nofollow me" found in twitter.com/r0bl0rd and github.com/r0bl0rd Fixed. HTTP vs HTTPS err.
  • IndieAuth recent changes:
    • enforced http / https consistency
    • if your auth provider redirects to an https profile URL, you MUST directly link to the https version

IndieAuth + Persona

IndieAuth + Persona + WebFinger

  • rel-me to an email
  • email is authenticated with Persona with verification with requiredEmail
  • final check is WebFinger discovery on the email address to make sure it links back to the original home page

IndieAuth + SMS

Example: Adding something like this to your site should enable SMS authentication on IndiAuth.

<a rel="me" href="sms:+15035555555">(503) 555-5555</a>

RelMeAuth 101 - by tantek


Which providers support rel=me?

How does the RelMeAuth flow work?


How do you consume IndieAuth?

  • ... use the IndieAuth.com service - see there for instructions.

What about IndieAuth being a Persona IdP?

  • Log in to a site with your email address, starts the IndieAuth process

See Also