- You don't need silo accounts to use Selfauth, so it's IndieAuth without Twitter or Github.
- More privacy: you don't tell silos that you want to login somewhere, only your own server.
- Not vulnerable for social engineering with silo accounts.
- Download the latest version of selfauth from GitHub: https://github.com/Inklings-io/selfauth/archive/master.zip.
setup.phpto any public folder on your website. The rest of this how to assumes a folder called
authin the root of your website, reachable on
- Navigate to
setup.phpin your browser, e.g.
https://example.com/auth/setup.phpand follow the steps on screen.
- It will ask you to provide the URL you want to login with, probably your homepage, and
- a password to identify yourself with.
- Add a link to your homepage so websites you are logging in to can find it. Do this by adding the following to your
<head>, don’t forget to change the
hrefto link to where you uploaded the files!
<link rel="authorization_endpoint" href="https://example.com/auth/" />
You are done and can now login to any IndieAuth supporting website with nothing other than your own site!
This How-to was derived from the official README on 2017-08-13. Always check out a project’s README file to double check for new developments.
Martijn van der Ven
- It's easier to use rel=me and re-use your existing accounts, with all it's security features.
- However, this criticism is only applicable when using selfauth for authenticating to sites. When authorizing an app such as a Micropub app to let it post to your site, some other software needs to run in order for that to happen: either a self-hosted token endpoint or a service such as IndieAuth.com.