web-sign-in: Difference between revisions
(susequent sign-ins, input type=url) |
(→user interface: note preferably to https, similar to IndieAuth spec guidance) |
||
(3 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
{{DISPLAYTITLE:Web sign-in}} | |||
Use the (Web sign-in) button on a site to sign-in with your personal web address. | Use the (Web sign-in) button on a site to sign-in with your personal web address. | ||
Line 32: | Line 32: | ||
== developers == | == developers == | ||
See the [[RelMeAuth]] page for documentation on how to support Web sign-in on your site. | === user interface === | ||
For the Web sign-in UI, see the text mockups at the top of this page as a design starting point. | |||
Important details: | |||
* The web address input "[........................]" MUST accept | |||
** a "plain domain" e.g. tantek.com and canonicalize that to http://tantek.com/ or preferably to https://tantek.com/ | |||
** an http(s) domain without a path e.g. http://sixtwothree.org or https://sixtwothree.org and canonicalize http://sixtwothree.org/ or https://sixtwothree.org/ respectively | |||
=== protocol === | |||
See the [[RelMeAuth]] page for documentation on how to support Web sign-in protocol on your site. | |||
=== example implementations === | === example implementations === | ||
* [http://tantek.com/relmeauth/ RelMeAuth prototype] demonstrates Web sign-in for both read-only/read-write permissions, and provides a simple interface for Tweeting when read-write permissions are provided. | * [http://tantek.com/relmeauth/ RelMeAuth prototype] demonstrates Web sign-in for both read-only/read-write permissions, and provides a simple interface for Tweeting when read-write permissions are provided. | ||
* [http://indieauth.com IndieAuth] not only uses Web sign-in but also provides a | * [http://indieauth.com IndieAuth] not only uses Web sign-in but also provides a web sign-in authentication API! | ||
** IndieWebCamp: Try out IndieAuth by signing-in to [http://IndieWebCamp.com IndieWebCamp.com]. | ** IndieWebCamp: Try out IndieAuth by signing-in to [http://IndieWebCamp.com IndieWebCamp.com]. | ||
== why == | == why == | ||
See [http://indiewebcamp.com/Why_web_sign-in Why web sign-in] on the IndieWebCamp site. | See [http://indiewebcamp.com/Why_web_sign-in Why web sign-in] on the IndieWebCamp site. |
Latest revision as of 21:55, 26 August 2021
Use the (Web sign-in) button on a site to sign-in with your personal web address.
When you click a (Web sign-in) button, the site will ask you for your web address, e.g.:
Web address: [........................] (Sign-in)
Web address:
[........................]
(Sign-in)
Enter your personal web address and press return / click (Sign-in).
set up
Your personal site must be set up for web sign-in.
- Link from your personal site to your other profiles. Add
rel="me"
to those hyperlinks. E.g.:<a rel="me" href="http://twitter.com/your_twitter_alias">...
- Edit your other profiles, e.g. your Twitter profile settings, and set the "Web" ("homepage", "Website/Blog") field to your personal site. E.g.
Web http://yoursite.example.com/
- When you use your personal site with web sign-in the first time*, your browser will redirect you to to your online profile, e.g. Twitter, and ask you to:
- Sign-in with your account on that profile (e.g. sign in to Twitter) if you're not already signed-in.
- Authorize the site to use your account, e.g. your Twitter account:
Click the ( Sign In ) button and you should be all set.Authorize Site to use your account?
This application will be able to:
- Read Tweets from your timeline.
- See who you follow.
( Sign In )
* Subsequent sign-ins to the same web sign-in form should be pre-filled with your domain name (e.g. via a cookie from the site) so all you have to do is click (Sign-in). In addition, if the site is properly using HTML5 <input type=url>
, browsers will help you auto-complete your personal web address for you across all sites that do web sign-in.
developers
user interface
For the Web sign-in UI, see the text mockups at the top of this page as a design starting point.
Important details:
- The web address input "[........................]" MUST accept
- a "plain domain" e.g. tantek.com and canonicalize that to http://tantek.com/ or preferably to https://tantek.com/
- an http(s) domain without a path e.g. http://sixtwothree.org or https://sixtwothree.org and canonicalize http://sixtwothree.org/ or https://sixtwothree.org/ respectively
protocol
See the RelMeAuth page for documentation on how to support Web sign-in protocol on your site.
example implementations
- RelMeAuth prototype demonstrates Web sign-in for both read-only/read-write permissions, and provides a simple interface for Tweeting when read-write permissions are provided.
- IndieAuth not only uses Web sign-in but also provides a web sign-in authentication API!
- IndieWebCamp: Try out IndieAuth by signing-in to IndieWebCamp.com.
why
See Why web sign-in on the IndieWebCamp site.