AutoAuth is the working title of an extension to IndieAuth that allows clients to authorize to other servers in the name of their user, without the user being present to confirm each individual authorization flow. It can be found on GitHub.
Allow an application to access protected resources on a server it hasn't connected to before, without the user being present to confirm the usual, interactive, IndieAuth flow. The user and his authorization endpoint should still be in control of when this happens.
- readers accessing private posts and feeds
- verifying private webmentions
earlier history at https://indieweb.org/2018/Nuremberg/autoauth#Notes_from_Dinner
- discussion on GitHub! https://github.com/sknebel/AutoAuth/issues
- a "post" that returns what user you obtained a token for: https://www.svenknebel.de/testing/autoauth/