why does the fediverse not serve the authentication problem? (lemmy.ml)

submitted 1 year ago by beta_tester@lemmy.ml to c/fediverse@lemmy.ml

19 comments fedilink hide all child comments

I still have many different accounts on matrix, lemmy, mastodon, etc. and although you may communicate somehow, it doesn't work properly.

you are viewing a single comment's thread
view the rest of the comments

[-] ramble81@lemm.ee 11 points 1 year ago

You can use federated SSO. The remote site never sees your credentials but only a token that you’ve been authenticated against your home instance.

That being said, that’s probably the problem, in order to do federation a small degree of trust is required between the two instances. I guess that is already done with activityPub since you’re getting content from remote instances.

[-] taladar@sh.itjust.works 2 points 1 year ago

a token that you’ve been authenticated against your home instance.

I assume you are talking about OpenId Connect (or OAuth 2.0 but that is basically what OpenId Connect is based on) here. The crucial bit that didn't really work out with this is the part where users just specify their OpenId Connect provider at login time. All uses I have seen in at least 10 years have a fixed list of providers to choose from because of these trust issues.

this post was submitted on 18 Oct 2023

38 points (95.2% liked)

Fediverse

17625 readers

69 users here now

A community dedicated to fediverse news and discussion.

Fediverse is a portmanteau of "federation" and "universe".

Getting started on Fediverse;

What is the fediverse?
- Short ver.
- Full ver.
Fediverse Platforms
How to run your own community

founded 4 years ago

MODERATORS

deadsuperhero@lemmy.ml

wakest@lemmy.ml