cross-posted from: https://lemmy.giftedmc.com/post/78146

Hi folks! Today I have asked myself if I could login with one (no, not google or apple or micosoft) account in all the (30 I think) forums that I have to use as a FOSS admin. Nextcloud Forum, Ubuntu Forum, Mint forum, Makemkv Forum, Papermc Forum, linux.org, etc.

We obviously are on a forum-like social platform but we cant make people use this as their forum I suppose. Ideally, I'd like to federate "all forums" so to speak but that would probably take a shit ton of work. https://socialhub.activitypub.rocks/t/does-this-forum-use-activitypub/2545/2

If not federate the content, maybe federate the logins. So that the profiles federate from one place to the next and you can login anywhere without having 30 different passwords for one "service" (forum in this case).

The next step down would be a foss SSO solution. There seem to be some but I hardly see any pages mention them possibility at all. https://sennovate.com/best-open-source-single-sign-on-solutions/

Am I missing something or is this still in the distant future?

Thanks for reading. Have a good one.

top 12 comments
sorted by: hot top controversial new old
[-] tutus@links.hackliberty.org 21 points 2 months ago* (last edited 2 months ago)

Is this not what the goal of OpenID was? They have a section on their website for providers https://openid.net/developers/certified-openid-connect-implementations/

But I'm sure you would have come across this so I may be missing something.

[-] Zak@lemmy.world 8 points 2 months ago

I'm sad OpenID didn't get more popular. Why aren't popular fediverse accounts OpenID providers? Why can't I use it to log into Discourse forums?

[-] nilloc@discuss.tchncs.de 5 points 2 months ago

Because google and Facebook co-opted it and took over the mindshare of openID.

[-] Zak@lemmy.world 1 points 2 months ago

That may be part of it, for other corporations. It doesn't explain why Discourse and Mastodon aren't doing it, for example.

[-] grant@toast.ooo 4 points 2 months ago

OpenID is a federated protocol and it would honestly be great if Fediverse projects added it to the core servers

more info on this

[-] nix@merv.news 3 points 2 months ago

Do you have any eta on when it’ll be available on lemmy?

(iirc you’re working on this?)

[-] grant@toast.ooo 2 points 2 months ago

I don't know Rust well enough to implement it in the core of Lemmy, instead it'd be another service instances would run then do some reverse proxy magic to properly run it on their servers

but I'm planning to use it for canvas 2024, so in a couple months there should be at least a functional version published on github (or some other code platform) (i'll post updates to this on !canvas@toast.ooo & probably my mastodon)

[-] Zak@lemmy.world 1 points 2 months ago

I agree, though I suspect it could lead to an abuse problem by making it very easy to create disposable identities. I'd like to see a federated reputation system for both individual identities and domains to improve that. For forum-like communities, that would likely mean users without enough positive reputation get their comments held for moderation.

[-] haui_lemmy@lemmy.giftedmc.com 1 points 2 months ago

Interesting! I gave it a short search but instead of reading for hours I wanted to ask the pros. :)

[-] davidgro@lemmy.world 6 points 2 months ago

I think one issue is that it might be hard to keep a malicious server owner from sniffing or phishing your creds. I guess the big commercial SSO systems depend on companies being large enough to afford it, as a filter for fly-by-night operations.

[-] Zak@lemmy.world 6 points 2 months ago

It's really easy because the site you're logging into never gets creds. It gets a cryptographic signature it can check against a public key.

[-] davidgro@lemmy.world 6 points 2 months ago

That's true if the form the user sees is actually the one they expect to see from their SSO origin server

this post was submitted on 02 Dec 2023
29 points (100.0% liked)


25276 readers
276 users here now

A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).

If you wanted to get help with moderating your own community then head over to !moderators@lemmy.world!

If you want help with making a lemmy bot, then head over to !lemmybotsupport@lemmy.world!


Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration), Search Lemmy

founded 9 months ago