- You don't need silo accounts to use Selfauth, so it's IndieAuth without Twitter or Github.
- More privacy: you don't tell silos that you want to login somewhere, only your own server.
- Not vulnerable for social engineering with silo accounts.
- Download the latest version of selfauth from GitHub: https://github.com/Inklings-io/selfauth/archive/master.zip.
setup.phpto any public folder on your website. The rest of this how to assumes a folder called
authin the root of your website, reachable on
- Navigate to
setup.phpin your browser, e.g.
https://example.com/auth/setup.phpand follow the steps on screen.
- It will ask you to provide the URL you want to login with, probably your homepage, and
- a password to identify yourself with.
- Add a link to your homepage so websites you are logging in to can find it. Do this by adding the following to your
<head>, don’t forget to change the
hrefto link to where you uploaded the files!
<link rel="authorization_endpoint" href="https://example.com/auth/" />
You are done and can now login to any IndieAuth supporting website with nothing other than your own site!
This How-to was derived from the official README on 2017-08-13. Always check out a project’s README file to double check for new developments.
Martijn van der Ven
fluffy has been using selfauth since December 2018 for providing IndieAuth login to webmention.io et al, as well as her own website's admin dashboard
- It's easier to use rel=me and re-use your existing accounts, with all it's security features.
- However, this criticism is only applicable when using selfauth for authenticating to sites. When authorizing an app such as a Micropub app to let it post to your site, some other software needs to run in order for that to happen: either a self-hosted token endpoint or a service such as IndieAuth.com.