At last year's Brooklyn Beta, Tantek gave me the lowdown on the Indie Web movement. To say it sounded right up my alley would be an understatement.
One of the first things I read about was IndieAuth. Tantek recommended this as a first step, so that I could log in and add myself to the list of IRC people.
I added a few
rel="me" links to my site:
<!-- Indie Web -->
<link rel="me" href="https://twitter.com/shiflett" />
<link rel="me" href="https://github.com/shiflett" />
<link rel="me" href="https://www.flickr.com/people/shiflett" />
I should point out that this isn't Tantek's preferred approach:
<shiflett> tantek: Is there a hidden way to add rel="me" stuff, like <link rel="me" href="..." />?
<tantek> Yes, that works, too. However, we prefer re-using existing visible links, as they tend to be more reliable.
These links provide some assurance that the owner of shiflett.org is the same person as @shiflett on Twitter, etc. With this in place, I eagerly clicked log in with your domain to see what would happen.
I have to provide the domain I want to use as my identity. Once I do, my site is scanned for
rel="me" links to see which providers I can authenticate with.
Of course, I wanted to test the "ensure your profiles link back to your home page" requirement, so I changed the URL on my Twitter profile and tried again.
So, that works. :-)
Authenticating with a provider is no different with or without IndieAuth. The only difference is that now when I prove I'm @shiflett on Twitter, I'm also proving I'm shiflett.org. One of the things I quickly noticed about the Indie Web movement is that it's not trying to reinvent existing solutions. Instead, it aims to help me (and you) use existing solutions without having to give up ownership of our identity, data, etc.
Sounds pretty great, doesn't it? I look forward to sharing more as I go.
Thanks for reading.