What is FedID? And why is it so important?

Posted on
Tuesday, November 5, 2024

FedID is a way for people to establish their own universal login credential – a portable representation of themselves that fits seamlessly into existing standard infrastructure.

Login with Google or Facebook actually runs on a web protocol called Open ID Connect, or OIDC. OIDC is the most widely used way to login on the web, also implemented by Microsoft, Linkedin, and many other large and small organizations.

FedID is short for Federated ID Connect, or FIDC. FIDC is perfectly interchangeable with OIDC. A developer can add FIDC by simply changing the URLs in two lines of code.

FIDC itself is built using a protocol borrowed from the “Fediverse” called Activity Pub, which connects, and federates, programs like Mastodon, Lemmy, and Threads. FIDC federates the records that provide identifiers for users. This makes FedIDs both interoperable and permanent. Even if the domain that originally issued a FedID to a person were to suddenly disappear, that user can continue to use their FedID to login to any other FIDC domain.

If Twitter had been an FIDC enabled domain, you could still use your @twitter handle to login to all other FIDC enabled services now. A FedID is like your Twitter handle with the domain you choose, that you can also use at every FIDC enabled service, forever.

In addition to that human-readable handle, your FedID is based on a new kind of key-based Decentralized Identifier, called a DID. You create and hold your FedID ‘master key’ on the first FedID enabled app that you install on your phone. After that, you can use your FedID ‘key’ tolog into any FIDC enabled site or add additional devices to your FedID. The FedID enabled app lets you control a FedID master key, without ever having to see or manage keys.

When you login with FedID, the FIDC servers talk to each other in the background using these keys, and you are securely logged in, without ever typing any login or password. You control the app with face or fingerprint.

A similar benefit is claimed for Passkey, but Passkey does not include a human-readable handle for discovery when connecting to new sites, and Passkey does not offer a secure way to manage your master key because anyone can airdrop Passkeys to anyone else.

A FedID is designed to give you a secure ‘remote control’ to manage other more powerful actions, such as online agents that act on your behalf. This allows you to use the app, and the keys that it contains, to control all of the agents and services you interact with online.

FIDC also offers a seamless path to evolve beyond the monopoly that Google and Facebook hold over OIDC. This may be especially important in the EU, where FIDC will offer regulators a viable alternative.


For full technical documentation see: FedID.me

Author

Jim Fournier

CEO & Founder

Serial entrepreneur. Early social network visionary, founders shares Linkedin IPO. Cofounded the Planetwork conferences. Sold cleantech startup BEC in 2011.

Oakland CA
Categories
DID
MyData
FedID
Featured Post

Evolving How We Manage Personal Data To a Network-based Model

We should collectively migrate to a model in which personal data is managed in a network based model in which all parties (individuals, organisations, things) are seen as nodes on the network. Data flows to and from network nodes via managed permissions. This approach can scale to the vast and ever-growing needs of modern data exchange for AI and other purposes.

Read More
Other Authors
Jim Fournier
Victor Grey
Paul Weston
Iain Henderson
John Wunderlich

2323 Broadway
Oakland CA 94612

+1-510-987-8615
JLINC
HomePricingTechnologyDevelopersSimulatorBlog
RESOURCES
ContactWhite PaperPressAbout
LEGAL
Privacy PolicyTerms of use
Copyright © 2023 Portable Data Corp