• erlend_sh@lemmy.world OP · 1 day ago

    See what CIMD solves for. “Innately centralized” was probably a poor choice of words, but OIDC is not a good fit for an open social web with decentralized identities and a plethora of small identity providers that cannot be known upfront.

    • moonpiedumplings@programming.dev · 1 day ago

      Forgejo has a feature (that people usually disable) where you can bring your own OpenID Connect URL and use it to auth. So if I have my own OIDC provider I am self-hosting, I can just use that to log in.

      Most people only use OIDC for Google and Microsoft and whatnot, but it’s very possible. I don’t really see what FedCM offers that OIDC doesn’t or can’t, or why we shouldn’t be adding features to the existing and popular OIDC instead.

      • erlend_sh@lemmy.world OP · 8 hours ago

        This requires manually enabling every additional provider. This doesn’t work if some individuals or smaller collectives wanna run their own identity providers, numbering in the thousands.

        • moonpiedumplings@programming.dev · 7 hours ago

          > This requires manually enabling every additional provider.

          No, it doesn’t. The docs are confusing on this, but Forgejo has two methods to enable OAuth/OIDC. One is to manually enable them, but there is a second, where people bring their own OpenID link.

          The docs contain 3 things related to OAuth:

          • OAuth provider: Forgejo acts as an OAuth provider for someone else
          • OAuth client: this is the one where you manually enable providers
          • But then there is a third config, OpenID. This one lets users bring their own OpenID/OAuth link and sign in with that. No manual configuration is required on the side of the Forgejo server per OAuth provider being used.
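Added example (not code from the thread, Forgejo, or any of the commenters): when a server lets a user type in an arbitrary identity-provider URL, the server ends up fetching a user-controlled URL, so the practical problem with "bring your own provider" is not only trust in the provider but also server-side request forgery against the server's own network. The block below shows the checks a relying party would run on a user-supplied OIDC issuer before and after fetching its discovery document, with the discovery document itself constructed inline so the script runs offline. The issuer `https://id.example.net`, the deny-list of host names, and all function names are assumptions made for this example.

```python
"""Vet a user-supplied OIDC issuer before and after discovery.

Example code, not Forgejo's. The issuer, the discovery document and the
host deny-list below are constructed for illustration.
"""
import ipaddress
import json
from urllib.parse import urlparse

DISCOVERY_PATH = "/.well-known/openid-configuration"

# Fields OpenID Connect Discovery 1.0 requires in every provider document.
REQUIRED_KEYS = (
    "issuer",
    "authorization_endpoint",
    "token_endpoint",
    "jwks_uri",
    "response_types_supported",
    "subject_types_supported",
    "id_token_signing_alg_values_supported",
)

# Hypothetical deny-list: names that never belong to a public provider.
FORBIDDEN_HOSTS = {"localhost", "metadata.google.internal"}
FORBIDDEN_SUFFIXES = (".localhost", ".local", ".internal")


def issuer_url_problems(issuer: str) -> list[str]:
    """Static checks on the literal URL, before any network request is made."""
    problems = []
    u = urlparse(issuer)
    if u.scheme != "https":
        problems.append("scheme must be https")
    host = u.hostname
    if not host:
        problems.append("missing host")
        return problems
    if u.username or u.password:
        problems.append("userinfo is not allowed in an issuer")
    if u.query or u.fragment:
        problems.append("issuer must not contain a query or fragment")
    if host in FORBIDDEN_HOSTS or host.endswith(FORBIDDEN_SUFFIXES):
        problems.append(f"host {host!r} is not a public name")
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        # A DNS name. This check cannot see what it resolves to, so a real
        # client must re-check the resolved address at connect time as well
        # (DNS rebinding would otherwise bypass the literal-IP check below).
        pass
    else:
        if not ip.is_global:  # loopback, RFC1918, link-local (169.254.x.x), etc.
            problems.append(f"address {ip} is not globally routable")
    return problems


def discovery_url(issuer: str) -> str:
    """Issuer plus the well-known path; a path component on the issuer is kept."""
    return issuer.rstrip("/") + DISCOVERY_PATH


def discovery_problems(issuer: str, body: str) -> list[str]:
    """Checks on the fetched document; `issuer` is the value the user supplied."""
    try:
        doc = json.loads(body)
    except ValueError:
        return ["discovery document is not valid JSON"]
    if not isinstance(doc, dict):
        return ["discovery document is not a JSON object"]
    problems = [f"missing {k}" for k in REQUIRED_KEYS if k not in doc]
    if problems:
        return problems
    # The document must name exactly the issuer it was fetched for; otherwise
    # one provider could claim to be another.
    if doc["issuer"] != issuer:
        problems.append(f"issuer mismatch: document says {doc['issuer']!r}")
    for k in ("authorization_endpoint", "token_endpoint", "jwks_uri"):
        if urlparse(doc[k]).scheme != "https":
            problems.append(f"{k} is not https")
    if "code" not in doc["response_types_supported"]:
        problems.append("provider does not support the authorization code flow")
    if "RS256" not in doc["id_token_signing_alg_values_supported"]:
        problems.append("provider does not advertise RS256 for ID tokens")
    return problems


def validate_issuer(issuer: str, body: str) -> list[str]:
    """Empty list means the issuer passed both the URL and document checks."""
    return issuer_url_problems(issuer) + discovery_problems(issuer, body)


# Constructed sample: a well-formed document for an assumed small provider.
GOOD_ISSUER = "https://id.example.net"
GOOD_DOC = json.dumps({
    "issuer": GOOD_ISSUER,
    "authorization_endpoint": GOOD_ISSUER + "/authorize",
    "token_endpoint": GOOD_ISSUER + "/token",
    "jwks_uri": GOOD_ISSUER + "/jwks.json",
    "response_types_supported": ["code"],
    "subject_types_supported": ["public"],
    "id_token_signing_alg_values_supported": ["RS256"],
})

if __name__ == "__main__":
    print("fetch from:", discovery_url(GOOD_ISSUER))
    print("good issuer:", validate_issuer(GOOD_ISSUER, GOOD_DOC))
    print("internal IP:", issuer_url_problems("https://10.0.0.5/"))
    print("wrong issuer:", discovery_problems("https://evil.example", GOOD_DOC))
```

The literal-address check is only half of the SSRF defence: a name that passes here can still resolve to `127.0.0.1` or `169.254.169.254`, so whatever does the actual HTTP fetch should apply the same `is_global` test to the address it connects to and should not follow redirects to addresses that fail it.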