web-sign-in: Difference between revisions
(→set up: your https) |
(→user interface: canonicalize require https) |
||
| Line 37: | Line 37: | ||
Important details: | Important details: | ||
* The web address input "[........................]" MUST accept | * The web address input "[........................]" MUST accept | ||
** a "plain domain" e.g. tantek.com and canonicalize that | ** a "plain domain" e.g. tantek.com and canonicalize that to https://tantek.com/ | ||
** an | ** an https domain without a path e.g. https://sixtwothree.org and canonicalize to https://sixtwothree.org/ | ||
=== protocol === | === protocol === | ||
Revision as of 23:58, 3 June 2025
Use the (Web sign-in) button on a site to sign-in with your personal web address.
When you click a (Web sign-in) button, the site will ask you for your web address, e.g.:
Web address: [........................] (Sign-in)
Web address:
[........................]
(Sign-in)
Enter your personal web address and press return / click (Sign-in).
set up
Your personal site must be set up for web sign-in.
- Link from your personal site to your other profiles. Add
rel="me"to those hyperlinks. E.g.:<a rel="me" href="https://github.com/your_github_alias">... - Edit your other profiles, e.g. your GitHub profile, and set link (🔗) text field to your personal web address. E.g.
🔗 https://yoursite.example.com/
- When you use your personal site with web sign-in the first time*, your browser will redirect you to to your online profile, e.g. GitHub, and ask you to:
- Sign-in with your account on that profile (e.g. sign in to GitHub) if you're not already signed-in.
- Authorize the site to use your account, e.g. your GitHub account:
Authorize Site to use your account?
* Subsequent sign-ins to the same web sign-in form should be pre-filled with your domain name (e.g. via a cookie from the site) so all you have to do is click (Sign-in). In addition, if the site is properly using HTML5 <input type=url>, browsers will help you auto-complete your personal web address for you across all sites that do web sign-in.
developers
user interface
For the Web sign-in UI, see the text mockups at the top of this page as a design starting point.
Important details:
- The web address input "[........................]" MUST accept
- a "plain domain" e.g. tantek.com and canonicalize that to https://tantek.com/
- an https domain without a path e.g. https://sixtwothree.org and canonicalize to https://sixtwothree.org/
protocol
See the RelMeAuth page for documentation on how to support Web sign-in protocol on your site.
example implementations
- RelMeAuth prototype demonstrates Web sign-in for both read-only/read-write permissions, and provides a simple interface for Tweeting when read-write permissions are provided.
- IndieAuth not only uses Web sign-in but also provides a web sign-in authentication API!
- IndieWebCamp: Try out IndieAuth by signing-in to IndieWebCamp.com.
why
See Why web sign-in on the IndieWebCamp site.