IndieAuth allows you to login to services which support it by using your own domain, much in the same way that Facebook or Twitter allow a user to login to other services using their Facebook or Twitter credentials.
One of the strengths of IndieAuth is that you don’t necessarily have to run any special software on your site itself. If your site has software which can be used to authenticate you, great – you can use that; if not, you can use another site to do the actual authentication, by way of rel-me-auth. Using a third-party site might sound counter-intuitive and complex, but the IndieWeb and IndieAuth make it simple. All you need are a few tags and links.
Many IndieWeb services and tools utilise IndieAuth for authentication, and the hope is more services will follow in time. By adding it to your site, you can make use of these services and any that come online in the future.
In a later article I’m planning on using one such service, so
The Building Blocks
The basic elements of IndieAuth are:
- Your own domain
- Somewhere to authenticate you
The good news is, if you completed Step1, where we added an h-card to your site, you have the start of these already. To build this into a working system, it’s easiest if we start with the last item on the list.
Somewhere to authenticate you
IndieAuth authentication primarily works over a protocol known as OAuth. Unfortunately, Textpattern does not natively support OAuth at this time… but the good news is many other services do! Supported external providers include Twitter and Github. If you also run a WordPress-powered site, you can use the IndieAuth plugin.
For the widest compatibility, I recommend sticking to Twitter or Github as your authentication method for now. If you already have an account with one of these services, then great! If not, sign up to one of them (Github is the least spammy of the two, in my experience).
Adding the appropriate rel=“me” links
On Your Site
The link between your site and the provider is made through mutual links featuring the attribute
rel="me". The easiest way to do this is to add it to the h-card you created in “step 1”:s1. For example, if I were to add my Github link to the example h-card, it would look like this:
<div class="h-card vcard"> <h4 class="p-name fn">Chris McLeod</h4> <ul> <li><a href="https://mrkapowski.com" rel="me" class="u-url">Website</a></li> <li><a href="https://github.com/MrKapowski" rel="me authn" class="u-url">Github</a></li> </ul> </div>
If you have more than one service you can use to login, and want to specify which one should be used, add
authn to the
rel attribute, like I have in the example above.
On the authentication service
To close the loop, the authentication service needs to link back to your Textpattern website. For Twitter or Github, this simply means adding your website address to your profile. If you have more than one website to link to, you can alternatively put the link in the “bio” section, like I’ve done in my Github profile:
If you’re using another website then you’ll need to edit the page to include link back to your Textpattern website, that includes the
Once you have the links in place, it’s time to test that everything is setup correctly. You can use either the validator at IndieWebify.me, or the login form at IndieLogin.com. Each has their own comprimise: the IndieWebify validator doesn’t currently recognise links in the “bio” field of Twitter or Github, and IndieLogin – at this time – doesn’t recognise authentication providers outside of a small list. There’s no harm in trying both.
IndieWebify will examine your site, then check the URLs marked with
rel="me" and give you a report on the results:
IndieLogin will actually step you through the authentication process; it will scan your site, check for a supported provider, and then authenticate you with that provider:
Login with your domain
Authenticate with service
Thanks to a few simple links, you should now be able to login to many IndieWeb services by using your domain name as your identifier. The next guide I’m working on will make use of this capability, when we setup your Textpattern website to receive Webmentions.