Feedback


#1

Hi. I’ve been asked by the action group Extinction Rebellion to liaise with you. We are a very active user of FB events and we would be very happy to switch to MobiliZon.

I’d like to ask if there are any plans for using SSO (Single Sign On), e.g. using Mastodon credentials for logging in?

Also what is your backlog or roadmap for the project now that your funding is almost secure? Congratulations with the result so far!

Regards,
Gert


#2

Hi,

First of all, we intend to allow most things to be done without being connected, so that we reduce the need for registration (we’re not a Startup that needs big numbers).

On the topic of SSO, we plan to have LDAP and oAuth support at some point (see the meta issue) so that you could use Mastodon credentials (at least to register).

We’ll announce the roadmap specifically in the upcoming weeks.


#3

Please note that using Mastodon credentials is not SSO, it’s delegation of authentication.

See https://stormpath.com/blog/oauth-is-not-sso :wink:


#4

Thank you @tcit and @Framasky,

The purpose is to enable a user to use an existing username and password to log into
different services.

What I’d be looking for is a configurable option for MobiliZon to add a step before login,
where the user can indicate which site has his/her credentials. The login process could then be:

User clicks “login” button
MobiliZon asks: dicrect or via third party
user selects third party
MobiliZon asks user to select one of the sites it knows about
MobiliZon asks username and password of that site (so it now knows the username)
MobiliZon validates these credentials with that site and receives a access token.

Would that make sense?

Regards,
Gert


#5

Mobilizon also would need an email from the 3rd-party service and would also require creating a local account, there’s no way to rely only on informations such as an access token coming from the 3rd-party service. However for the user it’s still just a click away for registering/login.


#6

The extra click can also be a button “Authenticate Remotely” and if that is not selected, by default the user logs in directly. I admit I may have oversimplified a bit. And of course it is extra work and I understand most fediverse projects wouldn’t consider implementing something like this.