I think I have to read up on the exact definition of "group".
Represents a formal or informal collective of Actors.
has there ever been discussions regarding SSO?
Don't know about Lemmy specifically, but there has been discussion on SSO in the fediverse in general. There is an FEP (Fediverse Enhancement Proposal) which lists some implementers. I have also heard the client-to-server API part of ActivityPub could be used for this, but I don't think projects usually implement that (it's optional).
It should be theoretically possible to provide SSO for any fediverse project which has an API with authentication. I think. So sign in with Lemmy should be possible, but it's up to those other projects to implement it.
psycotica0@lemmy.ca 10 hours ago
This comes up from time to time, but usually not for what you want. Pixelfed and PeerTube and Lemmy and Mastodon are actually pretty different experiences. They don’t really do the same thing, they don’t appear to have the same verbs and nouns. So using one to talk to the other is actually a little weird, not because we’re trying to make walled gardens, but just because the focus of Lemmy is on the threaded topic, and the focus of PeerTube is comments on videos in my playlist.
The fact that they can cross-talk at all is kind of an accident. Each system wants to federate with itself, and so they have a protocol to do it. And because it’s an open protocol, anyone can use it. And it is intentional that any compatible software should be able to use it, so Mastodon and other microblogs can cross-talk, that’s on purpose. But with these different “kinds” of services, they all picked the same protocol because it already existed, it already worked, and it met their needs. I don’t think the people making Lemmy really intended PeerTube users to use it, even though it’s sometimes possible in particular ways. They’re compatible because they both used parts of the same protocol, and so when you put them together they happen to have overlap, but that’s almost a coincidence.
The reason SSO sometimes comes up is actually to solve a UX problem that’s plagued the fediverse since the beginning. If I’m a user of lemmy.ca, and I’m looking at lemmy.ml because I got there from a link it Google out something, and want to comment on what I see there, I can’t. Not directly. I can’t click the join button or follow a user or any of it, because this site is not my site. I have to first go to my site, where I have an account, and then find this content on my site, and then interact with it there. That sucks and has always sucked. So one of the proposals people have pitched to fix it is if I could login to lemmy.ml directly with my lemmy.ca account, then I could drive it remotely, in context, while maintaining my actual account somewhere else.
The downside of this is that a whole bunch of random sites have tokens for me, every instance has way more “users” than users, and if any one of them has a security incident then it doesn’t just affect the users of that instance, because that instance also has keys for a bunch of other random instances. And overall the way I’d login on the remote site is to type my home site’s address, to kick off the SSO login, but if I’m doing that anyway I could also type that in and just have it redirect me there natively. So not great.
If we’re talking about using SSO just to only have one credential, this is actually better handled with normal, existing, SSO. Like OpenID or whatever. If Lemmy and Mastodon and PeerTube and PixelFed all allowed creating an account with an existing SSO solution, of which there are several, then you can already create an account on each of them using the same identity provider and not make any new accounts. This is likely cleaner than requiring each of them to be, themselves, an identity provider just so they can all login to each other so you can start with any one of them natively, but from there only have one identity for all the rest. That would add a bunch of extra requirements to being a valid implementation, and maybe lead to some bad or insecure identity providers, and not give that much benefit in return.
But I love SSO as a concept, so we should definitely support the much simpler thing, which is that all FOSS websites support SSO standards, not for fediverse reasons, but just because it’s nice in general. For me 😛
VoxAliorum@lemmy.ml 8 hours ago
Oh, I agree. I meant SSO in the second sense: that there are external Identity Providers that you can use to create an account at different servers hosting different kind of fediverse experiences - be it Lemmy, PeerTube, Mastodon or … I understand the issue you are describing first, but I haven’t had that problem yet. Sounds like it could be fixed with a simple redirect - but I guess it is not so easy to figure out whether you need a redirect in the first place.