Back in June I wrote about an exciting confluence of digital auth tech:
(1) The commodification of #OIDC infrastructure, (2) the emergence of #FedCM, (3) and the compatibility of both with #indieauth .
In short, it is now easier than ever to log into web applications using your own website as an identity provider. Or at least, it would be, if your favorite web apps supported these agency-enhancing technologies.
https://blog.erlend.sh/indie-social-sign-in-could-go-mainstream
#opensource #indieweb #identity
That’s a load-bearing “could” if I’ve ever seen one.
I don’t really see the point of these new authentication methods. OpenID had federated authentication years ago that was actually used by a bunch of sites like stackoverflow. Native browser support is nice (as long as browser addons can be used to manage credentials) but I don’t really see that big an advantage to good ol’ OpenID.
OpenID died in the federated space because developers couldn’t be bothered to trust anyone but Google, Facebook, and Twitter, so I’m not sure why things would change now, unless the big auth providers shut down their OAuth APIs in favour of fedcm.