FedID and FedID Connect (FIDC)
FedID is the root technology behind FedID Connect (FIDC), which leverages the portability of OIDC and distribution of ActivityPub to provide usernames and identifiers that individuals own and control, no matter what happens to the site they signed up on. FedID from JLINC paves the way for true identity and data ownership.
In day-to-day real life, we fill our pockets with ID cards and keys to our homes or offices for access to resources and places. However, in our digital lives we are forced to have multiple accounts and passwords, numerous passkeys, and software to keep track of them all. FedID brings the convenience of our real-world pockets to our digital lives, allowing us to bring them all into one place, while isolating each to keep things secure.
Challenges with centralized and decentralized identities
Both centralized and blockchain-based decentralized identities have challenges that FedID is looking to solve.
Centralized identities:
- Are owned by the organization that hosts them, not by the individuals who create them
- When access to a service is revoked, their account, and all information associated with it, can be taken away
- As the primary service of use for a category changes, users must fight to get their old usernames in these new services
Decentralized identities:
- Often require an entire blockchain of all user data stored in multiple locations
- To retain ownership of your identifiers, you must host the blockchain, or trust that a vendor will continue to provide it via SaaS
- Blockchains are distributed storage, but these identities are still centralized on the service providing access to that storage
How FedID works
When you create your FedID, a few things occur:
- First, you select a username (in the format of user@domain.ext) and the FedID App on your device creates a set of private keys that only you have access to
- Next, the FedID Server you sign up with creates a DID, or Decentralized Identifier, document, which is a JSON representation of you that contains the public key for this device
- Then your FedID App signs that DID with your private key, proving it is you
- Lastly, your FedID Server sends that DID out to any servers that it is currently federated with, meaning a mirror of your FedID will exist in many different places
Read more about the FedID DID Document to understand how it allows for the management of keys, services, and logins for users.
At this point you own this username.
Your username is part of your FedID. Even if the FedID Server you signed up with goes away, as long as your FedID has been federated to another server, you can never lose it.
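The creation steps above as an added sketch (not FedID's own code), including the check a federated server can run before it stores a mirrored document. The document fields, the `did:example:` identifier and the Ed25519 key type are assumptions, since this page does not specify them.

```javascript
const nodeCrypto = require("node:crypto");

// Deterministic JSON: sort object keys so signer and verifier hash identical bytes.
function canonicalize(value) {
  if (Array.isArray(value)) return "[" + value.map(canonicalize).join(",") + "]";
  if (value && typeof value === "object") {
    const body = Object.keys(value).sort()
      .map((k) => JSON.stringify(k) + ":" + canonicalize(value[k]));
    return "{" + body.join(",") + "}";
  }
  return JSON.stringify(value);
}

// Steps 1-2: the device creates a key pair; the server builds a document
// that carries the public key. Field names are hypothetical.
function createDid(username) {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync("ed25519");
  const did = {
    id: "did:example:" + username, // placeholder identifier scheme
    username,
    publicKeyPem: publicKey.export({ type: "spki", format: "pem" }),
  };
  return { did, privateKey };
}

// Step 3: the app signs the canonical document with the device's private key.
function signDid(did, privateKey) {
  const sig = nodeCrypto.sign(null, Buffer.from(canonicalize(did)), privateKey);
  return { ...did, proof: sig.toString("base64") };
}

// Step 4, receiving side: a mirror checks the proof before storing the document.
function verifyDid(signed) {
  const { proof, ...did } = signed;
  if (typeof proof !== "string" || typeof did.publicKeyPem !== "string") return false;
  try {
    const key = nodeCrypto.createPublicKey(did.publicKeyPem);
    const sig = Buffer.from(proof, "base64");
    return nodeCrypto.verify(null, Buffer.from(canonicalize(did)), key, sig);
  } catch {
    return false; // malformed key or signature encoding
  }
}
```

A valid self-signature only shows that the sender holds the private key matching the key inside the document; it does not by itself show that the sender is entitled to the username.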
When you use your FedID to log into a service:
- The FedID Server will interact with the service just like any other OIDC provider
- However, instead of requiring a password, it will request the app scan a QR code challenge to validate who the user is
Below is a diagram of what takes place.
The full details of these interactions can be found in the details on the FedID protocol.
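The passwordless login step, as an added sketch of a signed challenge with single-use and expiry checks (not the FedID protocol itself, whose details are documented separately). The signed message layout, the 60-second lifetime, the `audience` binding and the in-memory stores are assumptions.

```javascript
const nodeCrypto = require("node:crypto");

const CHALLENGE_TTL_MS = 60_000; // assumed challenge lifetime
const pending = new Map();       // nonce -> { username, expires }
const didKeys = new Map();       // username -> public key (stands in for a DID lookup)

function registerKey(username, publicKey) {
  didKeys.set(username, publicKey);
}

// Server: create a random challenge; this value would be shown as the QR code.
function issueChallenge(username, now = Date.now()) {
  const nonce = nodeCrypto.randomBytes(32).toString("base64url");
  pending.set(nonce, { username, expires: now + CHALLENGE_TTL_MS });
  return nonce;
}

// App: after scanning, sign the nonce together with the service it is meant for.
function answerChallenge(nonce, audience, privateKey) {
  return nodeCrypto.sign(null, Buffer.from(audience + "\n" + nonce), privateKey);
}

// Server: accept each challenge once, only before expiry, and only when the
// signature matches the key published for that username.
function verifyAnswer(nonce, audience, signature, now = Date.now()) {
  const entry = pending.get(nonce);
  pending.delete(nonce); // single use, even when verification fails
  if (!entry || now > entry.expires) return null;
  const key = didKeys.get(entry.username);
  if (!key) return null;
  const msg = Buffer.from(audience + "\n" + nonce);
  return nodeCrypto.verify(null, msg, key, signature) ? entry.username : null;
}
```

Deleting the nonce before checking the signature means a captured response cannot be replayed, and a failed attempt cannot be retried against the same challenge.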
But how do I "own" my username?
Since your FedID has federated to another FedID Server that is hosted by another business or individual, you won't lose access to your FedID and thus, your username.
Even if...
- The original FedID Server changes their branding or domain name
- The original FedID Server is no longer accessible
- The original FedID Server blocks you
- The original FedID Server shuts down
... you will still have access to your FedID and username.
This is the migration process:
Advantages of FedID
Users may have multiple accounts across different servers and may want to maintain a consistent identity across all of them. By providing a single, portable identity that can be used across different platforms, FedID makes it easier for users to manage their online presence and for developers to build applications that can interact with users in a consistent way.
Benefits of FedID in the Fediverse
FedID helps address the challenges of user accounts in the Fediverse. One of the biggest challenges for new users to the Fediverse is understanding how to select the appropriate instance for them. FedID simplifies this, as users can easily migrate between instances at a later date without losing their Fediverse user.
Specifically, FedID provides the following benefits for users of sites running software such as Lemmy and Mastodon:
- Single sign-on (SSO): With FedID, users can sign in to multiple instances of Lemmy and Mastodon with a single set of credentials, without having to create a new account for each instance.
- Consistent identity: FedID allows users to maintain a consistent identity across all instances of Lemmy and Mastodon that they use, allowing all posted content to roll up to an individual user.
- Portability: FedID allows users to take their usernames with them if they switch instances of Lemmy or Mastodon, or if they want to use a different platform altogether.
- Interoperability: FedID makes it easier for developers to build applications that can interact with users in a consistent way, regardless of which instance of Lemmy or Mastodon they are using.
- Security: FedID provides an additional layer of security by allowing users to authenticate with a single set of key-based credentials, rather than having to create a new password for each instance of Lemmy, Mastodon or other federated software.
- Privacy: FedID gives users control over their profile data, and allows them to share only the information they want to share with the services they use.
Benefits of FedID to non-Fediverse sites and applications
Many of the same benefits for the Fediverse also apply to non-Fediverse applications, especially when considering the SSO and security aspects of a user having control over their keys.
An additional advantage for commercial and non-commercial entities is the ability to provide provenance and data ownership via the DID document for each FedID, such as by leveraging the JLINC protocol to audit how organizations are utilizing the data of each individual, and ensuring that utilization is compliant with the agreements and terms of service that are in place.
Some examples of these benefits are:
- Ease of use: FedID makes it easier for users to manage their online presence by providing a single, portable identity that can be used across different platforms via SSO.
- Streamlined user onboarding: FedID eliminates the need for users to create new accounts and remember new passwords, making it easier for them to start using new services.
- Reduced liability: By allowing users to manage their own keys, FedID can help reduce the liability of organizations that collect and store user data.