Is there any service that runs on ATproto that *doesn't* require a BlueSky login yet?
-
Is there any service that runs on ATproto that *doesn't* require a BlueSky login yet?
It's pretty much the only thing stopping me from trying to self-host.
I've seen people claim there is, however, I have yet to see one that offers their own accounts, completely separate from BlueSky.
Requiring a login to a corporately owned site is a MASSIVE entry barrier for most of those looking for decentralized or self-hosted services.
If/when there are things that can do that, I'll definitely be way more interested. I'm pretty bummed that I haven't discovered one yet.
PS. I'm aware of Whitewind and Frontpage. They require a BlueSky login.
-
Kuba Suder • @mackuba.eu on 🦋replied to BeAware :fediverse: last edited by
@BeAware But *that's the whole point*! "One account for multiple apps", that's the selling point. Kind of like in AP you can follow PixelFed from Mastodon, in AT you're supposed to be able to log in with the same account to Bluesky or to WhiteWind and reuse some data between them (or not, you can just make a separate account). It's not really a Bluesky account, it's an ATProto account technically. You should be able to log in with non-Bsky PDS to WhiteWind and Frontpage, if not - that's a bug.
-
BeAware :fediverse:replied to Kuba Suder • @mackuba.eu on 🦋 last edited by
@mackuba As long as ATproto and Bluesky is corporately funded, it's an issue for me that the account info is hosted there.
Maybe they'll never seperate it. However, a man can wish.
I have one account here and can interact with everything that integrates AP just fine and don't need a corporate site login.
I understand they're different, but since AP was first and there's still very few alternative federated protocols besides these two, it'll always be the reference point.
I hope it happens. I want to dabble more, but having a login on Bluesky while hosting my own "everything else", just feels very foreign to me.
-
Kuba Suder • @mackuba.eu on 🦋replied to BeAware :fediverse: last edited by
@BeAware Ok so I'm not sure I understand what you want exactly So you could have a PDS that you've installed on your server, sign up for an account on that PDS, and then log in to WhiteWind and Frontpage with that account. At that point the only places where you'd have something to do with Bluesky infrastructure is:
- the Bluesky Relay which WhiteWind and Frontpage almost certainly pull data from because I'm sure they don't run their own
- the plc.directory which registers DIDs -
BeAware :fediverse:replied to Kuba Suder • @mackuba.eu on 🦋 last edited by
@mackuba Oh...hmm...if I host my own PDS, they don't get my account "info" (email and such private info), but I'd still sign up through BlueSky? Or is there a seperate sign up/account database that is hosted on the PDS?
I ask, because when using whitewind, it says to login using bluesky. Is there an account system on PDS that will just *work* with it as well? They're just conflating ATProto with BlueSky and I'm seperating them, essentially?
Hope this makes sense. I'm trying to explain. As you know, I'm not very good at getting my point across.
-
Kuba Suder • @mackuba.eu on 🦋replied to BeAware :fediverse: last edited by
@BeAware Yeah yeah, that's basically the same thing - I've seen some discussions a few times "How should we call this on the website? Log in with what?", but generally I think most people agreed that "Bluesky" will be more meaningful to more new users than "AT Protocol"…
-
Kuba Suder • @mackuba.eu on 🦋replied to Kuba Suder • @mackuba.eu on 🦋 last edited by
@BeAware In practice it should work this way: you enter either the address of your PDS, or your handle which is resolved to your DID which is then used to find the address of your PDS, then the app contacts your PDS to authenticate to your account and get back access token from the PDS. If your on your own PDS then none of your account data is hosted on Bluesky servers except the (public) DID JSON file on plc.directory.
-
BeAware :fediverse:replied to Kuba Suder • @mackuba.eu on 🦋 last edited by
@mackuba That's because most people are used to having a corporation in control. I consider it an issue.
I've been fighting Fedi on using the "Mastodon" term for this reason.
I'd really hate to see Fediverse become completely controlled by Mastodon. They've already been doing some very sus stuff and *only* control about 73%....
-
Kuba Suder • @mackuba.eu on 🦋replied to Kuba Suder • @mackuba.eu on 🦋 last edited by
@BeAware I think you could even not have a "Bluesky profile" record with bio and avatar etc. to use WhiteWind this way (I'm not 100% sure though how the account tooling works on the installable PDS).
-
BeAware :fediverse:replied to Kuba Suder • @mackuba.eu on 🦋 last edited by
@mackuba Thanks for these bits of info!
Much appreciated. I might be looking into how to host these things soon, as it was my misunderstanding of the way it works that was stopping me from delving into it further.
-
Kuba Suder • @mackuba.eu on 🦋replied to BeAware :fediverse: last edited by
@BeAware Also things are kind of in flux with OAuth at the moment - they've been working on it for the past few months, but it's only partially deployed so far and not ready, there have been some required updates to the PDS related to this, and most third party apps don't support OAuth login just yet, so things might be a bit messy in that area in the next few months.
-
BeAware :fediverse:replied to Kuba Suder • @mackuba.eu on 🦋 last edited by
@mackuba Oh okay. I'm ignorant on OAuth as well. Is that what's used to login to other sites like Whitewind?
If that's the case, I might be better off waiting until that's ironed out as that's pretty much what I'm trying to do in the end.
-
Kuba Suder • @mackuba.eu on 🦋replied to BeAware :fediverse: last edited by
@BeAware It's like when you log in to your Mastodon/Fedi account in an app, you're shown your server's login page in a browser and then "Do you want to authorize app X to do Y?" and you press "Authorize". And in Bluesky/ATProto at the moment you enter that "app password" at the moment to log in, you give the app password to the third party app itself instead of to your server's login form. It's less secure because they get that password itself instead of a token & they get access to whole acct.
-
BeAware :fediverse:replied to Kuba Suder • @mackuba.eu on 🦋 last edited by
@mackuba Oof...yeah, that's a bit worrisome for me. I'll keep checking in to see how OAuth is coming before I dive into it all the way.