this post was submitted on 04 Dec 2024
3 points (100.0% liked)

Matrix

An open network for secure, decentralized communication

I have been reading about the new OIDC system (since Element now has a QR code login). I can't seem to understand the purpose of it, as it seems that Matrix already has all of the features wanted, but simpler. Why would there need to be a new OIDC system, if signing in with services like Google or GitHub is already supported and configurable per homeserver? Why would regular user+password login need to be reimplemented, but now require a website to log in instead of being able to log in through something like a terminal?

m_f@midwest.social 2 points 7 hours ago* (last edited 7 hours ago)

Here's an announcement of the Matrix 2.0 spec, which includes a switch to the new OIDC system:

https://matrix.org/blog/2024/10/29/matrix-2.0-is-here/

That links to this Matrix spec proposal:

https://github.com/matrix-org/matrix-spec-proposals/blob/hughns/delegated-oidc-architecture/proposals/3861-delegated-oidc-architecture.md

IMO the tl;dr is that they're switching to a widespread standard that has a lot of development around it and security auditing. It will take a lot less of their time to just use that vs maintaining their own stack. OIDC will let you use Google/GitHub-style "Login with..." approaches, but you can use that with any other service that supports OIDC, not just a few blessed services.

There's also this site with a "Why?" section: https://areweoidcyet.com/#why