Why can’t we have federated identity to login into fediverse instead of creating login for each instance?

  • Muddybulldog@mylemmy.win
    link
    fedilink
    English
    arrow-up
    13
    ·
    edit-2
    1 year ago

    There’s a difference between a federated identify and single-sign on. Your identity /u/mango_master@lemmy.world IS federated. You don’t need to have a separate login for each instance. You can use that identity to interact with any instance much the same way I am using my federated identity to currently respond to you.

    • mtdyson_01@kbin.social
      link
      fedilink
      arrow-up
      5
      arrow-down
      1
      ·
      1 year ago

      I do not have the same experience. If I want to interact with a different instance then I have to login to that instance. Granted I’m very new to Lemmy but so far the apps are not quite there yet and exploring the fediverse is difficult. Searches are useless unless you know exactly what instance you need to find what you’re looking for.

      • sab@kbin.social
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        Should be @mango_master if all is working correctly, actually ;)

        The threadiverse is a bit complicated since there needs to be a way of distinguishing between users and groups, but the @user@host.org format is standardized across the fediverse.

        • Muddybulldog@mylemmy.win
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          1 year ago

          It’s funny because using the /u/ format seems to work just fine in the web interface, creating the proper link. Typing it out in the @ format doesn’t automatically create the hyperlink when I type it, but yours works just fine. ¯\(ツ)

          • sab@kbin.social
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            Also the /u/ format works when viewed in the Lemmy web interface, but not necessarily inside apps or from other federated services. :)

            It also probably doesn’t count as a mention, so the user won’t be notified even if they have that enabled in the settings.

    • masterspace@kbin.social
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      I think what they mean is identity that is coupled to them the person and not whichever instance they choose to sign in on.

    • something_random_tho@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      This works great for apps. But I want to use the web interface to post a reply to content that’s not on my home instance. I can’t do that easily.

      • mack123@kbin.social
        link
        fedilink
        arrow-up
        0
        ·
        1 year ago

        That should just work. You view the post on your own instance and reply there. That reponse trickles to the other instances.

        It may take a while to propagate though. The paradigm is close to that of the ancient nntp news groups where responses travel at the speed of the server’s synchronisation. It may be tricky for rapid fire conversation, but works well for comments of articles.

        • vaguerant@kbin.social
          link
          fedilink
          arrow-up
          3
          ·
          1 year ago

          I believe they’re talking about a situation where somebody is like …

          Wow, everybody check out this amazing thread! https://someother.instan.ce/post/1194109

          Anybody who sees that link and is not already from someother.instan.ce now has to track down that post on their home instance in order to interact with it, which is a bad experience. It’s not the absolute worst thing in the world, like the home URL for the discussion we’re in right now is https://lemmy.world/post/1194109 and if you paste that URL into your local domain’s search it should find you the relevant discussion locally, but it still kinda sucks. In theory this would be sort of solve-able on the server end by having it search for any instance links behind the scenes and re-write other people’s links to point to the equivalent page on your own instance, but right now there’s no “nice” way to handle that situation.

          • mack123@kbin.social
            link
            fedilink
            arrow-up
            2
            ·
            1 year ago

            Agreed on your point. We need a way to identify those links so that our browser or app can automatically open them through our own instance.

            I am thinking along the lines of a registered resource type, or maybe a central redirect page, hosted by each instance, that knows how to send you to your instance to view the post there.

            I am sure it is a problem that can be solved. I would however not be in favour of some kind of central identity management. It is to easy a choke point and will take autonomy away from the instances.

      • mmaramara@kbin.social
        link
        fedilink
        arrow-up
        0
        ·
        1 year ago

        What interface are you using now? I’m responding to this thread from kbin.social instance usin kbin webclient

        • something_random_tho@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          If you post a link to this, then I click that link, I am unable to reply directly, since I am on lemmy.world. I would need to first track down the equivalent post in my instance to reply. SSO solves this

          • mmaramara@kbin.social
            link
            fedilink
            arrow-up
            2
            ·
            1 year ago

            Oh I see. Yeah, there could be a feature (a browser addon would work too) that reads the webpage meta data before opening it, and pops a “Open in kbin/lemmy/whatever?” window.

      • e569668@fedia.io
        link
        fedilink
        arrow-up
        4
        ·
        1 year ago

        I attended a talk in 2019 by Sir Tim Berners-Lee on Solid, which sort of seems related to what you are getting at. The idea being that you own your data/identity, and can decide to share it with third parties. It goes over things like files, but I believe login identities were also meant to be part of it, I see when I scroll down:

        authenticated by a decentralized extension of OpenID Connect

        I’ve been wondering recently, especially with Pixelfed adding login with Mastodon recently, if anyone has heard or experienced anything with that project. But considering I haven’t seen it spoken about or implemented since then, I’m not sure I should be hopeful