Solid, WebID and OpenID Connect

The last time I looked at anything OpenID related was back in 2008 when federated authentication was the hype before it was overtaken by the blockchain, machine learning and artificial intelligence. Times have changed and all of that is back as project Solid run by Sir Tim Berners-Lee.

Below are my notes on the building blocks of the project since I’ve started working on a prototype for a Solid Pod plugin for WordPress.

Authentication and Authorization

Federated identity is built around these two concepts and making it simple to setup and use has been a long standing challenge since the days of SAML and whatever went before it.

For authentication the Solid project uses the WebID-OIDC protocol which adds a layer on top of the OpenID Connect protocol which in turn is built on top of the OAuth 2.0 protocol for authorization.

Here is the best overview of the OpenID Connect protocol that I could ever find by Nate Barbettini:

WebID and OpenID Connect

WebID is the key here — it adds the Semantic Web and linked data on top of the OpenID Connect for data discovery and exchange. Probably the nicest thing about WebID is the name Turtle — a markup language for writing up RDF graphs. Good luck understanding those.

I’ll be adding to this section as I dig deeper.

Personal Data

The Solid project builds on a recent revelation among the regular web users that having full control over their personal data and identity online is very important. This is a huge change from the previous narrative of linked data and the Semantic Web which was focused on computers harvesting and using that data which is hard to relate to for most of us.

Leave a Reply