spoons.technology/plots
4
0
Fork 0
Code Issues 13 Pull requests 3 Projects 1 Releases Packages Wiki Activity Actions

How do we avoid closing the door to federation? #10

New issue
Open
opened 2025-12-20 20:44:12 +00:00 by tom · 2 comments
tom commented 2025-12-20 20:44:12 +00:00
Owner
Copy link

I suspect having an identity that can be migrated is one of those baffling problems that intersects tech and psychology. However, it feels good to contemplate how we might allow people to run a similar co-op and mutually share services.

I suspect having an identity that can be migrated is one of those baffling problems that intersects tech and psychology. However, it feels good to contemplate how we might allow people to run a similar co-op and mutually share services.
tom commented 2026-01-01 13:44:37 +00:00
Author
Owner
Copy link

Perhaps we could experiment via the RoW directory? Or perhaps we explicitly build a separate ID service at some point?

Perhaps we could experiment via the RoW directory? Or perhaps we explicitly build a separate ID service at some point?
👍 1
tom commented 2026-02-02 19:44:16 +00:00
Author
Owner
Copy link

Did an experiment setting RoW and Spoons keycloak to have the other as an identity provider. It pretty much just works, though so far I've only tested with users that exist on both sides. If you have the same email on both sides, then keycloak links your accounts - so you're the same user but authenticating via a different service.

Would need a bit more poking, but it looks from a brief play that it would be really doable for a similar project to federate with spoons by linking auth services (authn), then adding access later via groups (authz).

Did an experiment setting RoW and Spoons keycloak to have the other as an identity provider. It pretty much just works, though so far I've only tested with users that exist on both sides. If you have the same email on both sides, then keycloak links your accounts - so you're the same _user_ but authenticating via a different service. Would need a bit more poking, but it looks from a brief play that it would be really doable for a similar project to federate with spoons by linking auth services (authn), then adding access later via groups (authz).
👍 1
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
services-architecure
1-bootstrapping
7-membership
No results found.
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
High-level approach
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
spoons.technology/plots#10
No description provided.