The decentralization of Single Sign-on seems like a natural step in improving usability and accessability of the fediverse. It will require a lot less account and make it far easier to interact with content. Are there anybody working on this?

  • Kroktann@lemmy.ml
    link
    fedilink
    arrow-up
    6
    ·
    3 years ago

    Isn’t this exactly what OpenID Connect is/was all about? Afaik this is still the protocol behind the “log in with facebook/google/github” options you find on many websites, but it can be a fully decentralised authentication scheme if they’d only let users type in their own identity url.

    • poVoq@lemmy.ml
      link
      fedilink
      arrow-up
      2
      ·
      edit-2
      3 years ago

      IMHO while often called federated authentification, OIDC is more delegated authentication especially when a few central services are used.

      The older OpenID standard let people put their own url, but it never got much traction and is pretty much abandoned by now.

      Actual federated authentication like Hubzilla’s Magicauth or Webauthn is seamless. You just open a link and the website will recognize you as a remote user and let you do stuff based on your permission level.

      • Kroktann@lemmy.ml
        link
        fedilink
        arrow-up
        1
        ·
        3 years ago

        I don’t disagree with that, but there’s nothing preventing anybody from setting up their own OIDC service, and for sites to accept any OIDC provider rather than just a couple of giant ones.

        And yeah, the Hubzilla Magicauth is really nice! Not sure how easy it is to apply it to other uses than Hubzilla/zot though. Could be worth exploring.