{"id":13556748,"url":"https://github.com/solid/solid-spec","last_synced_at":"2025-09-27T10:30:28.581Z","repository":{"id":30002787,"uuid":"33550348","full_name":"solid/solid-spec","owner":"solid","description":"Solid specification draft 0.7.0","archived":true,"fork":false,"pushed_at":"2021-12-02T13:41:58.000Z","size":707,"stargazers_count":1133,"open_issues_count":84,"forks_count":103,"subscribers_count":141,"default_branch":"master","last_synced_at":"2024-09-26T22:42:06.296Z","etag":null,"topics":["specification"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"cc0-1.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/solid.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-04-07T15:07:08.000Z","updated_at":"2024-08-22T14:47:50.000Z","dependencies_parsed_at":"2022-07-28T00:38:26.943Z","dependency_job_id":null,"html_url":"https://github.com/solid/solid-spec","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/solid%2Fsolid-spec","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/solid%2Fsolid-spec/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/solid%2Fsolid-spec/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/solid%2Fsolid-spec/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/solid","download_url":"https://codeload.github.com/solid/solid-spec/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":234425969,"owners
_count":18830825,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["specification"],"created_at":"2024-08-01T12:04:00.090Z","updated_at":"2025-09-27T10:30:28.267Z","avatar_url":"https://github.com/solid.png","language":null,"readme":"# Solid Specification Draft\n[![](https://img.shields.io/badge/project-Solid-7C4DFF.svg?style=flat-square)](https://github.com/solid/solid)\n[![Join the chat at https://gitter.im/solid/solid-spec](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/solid/solid-spec)\n\n**Latest version:** [`v.0.7.0`](https://github.com/solid/solid-spec/tree/v0.7.0) (see [CHANGELOG.md](CHANGELOG.md))\n\n**Publication status**: Unofficial Draft\n\n**Current development version:** `v.0.7.0-next` (evolving)\n\n**This document contains an informal description of implementation guidelines for Solid servers and clients.\nA normative specification is in the making at https://github.com/solid/specification/.\nFor the time being, the present document contains the best approximation of expected server and client behavior.**\n\n## Table of Contents\n\n1. [Overview](#overview)\n2. [Identity](#identity)\n3. [Profiles](#profiles)\n    * [WebID Profile Documents](#webid-profile-documents)\n4. [Authentication](#authentication)\n    * [Primary Authentication](#primary-authentication)\n      * [WebID-TLS](#webid-tls)\n      * [Alternative Authentication\n          Mechanisms](#alternative-authentication-mechanisms)\n    * [Secondary Authentication: Account\n        Recovery](#secondary-authentication-account-recovery)\n5. 
[Authorization and Access Control](#authorization-and-access-control)\n    * [Web Access Control](#web-access-control)\n6. [Content Representation](#content-representation)\n7. [Reading and Writing Resources](#reading-and-writing-resources)\n    * [HTTPS REST API](#https-rest-api)\n    * [WebSockets API](#websockets-api)\n8. [Social Web App Protocols](#social-web-app-protocols)\n    * [Notifications](#notifications)\n    * [Friends Lists, Followers and\n        Following](#friends-lists-followers-and-following)\n9. [Recommendations for Server\n      Implementation](#recommendations-for-server-implementations)\n10. [Recommendations for Client App\n      Implementation](#recommendations-for-client-app-implementations)\n11. [Examples](#examples)\n12. [Current Implementations](#current-implementations)\n\n## Overview\n\n[Solid](https://github.com/solid/solid)\nis a proposed set of conventions and tools for building\n*decentralized applications* based on [Linked\nData](https://www.w3.org/DesignIssues/LinkedData) principles. Solid is\nmodular and extensible. It relies as much as possible on existing\n[W3C](http://www.w3.org/) standards and protocols.\n\nSee Also:\n\n* [About Solid](https://github.com/solid/solid#about-solid)\n* [Contributing to Solid](https://github.com/solid/solid#contributing-to-solid)\n  * [Pre-Requisites](https://github.com/solid/solid#pre-requisites)\n  * [Solid Project\n      Workflow](https://github.com/solid/solid#solid-project-workflow)\n* [Standards Used](https://github.com/solid/solid#standards-used)\n* [Platform Notes](https://github.com/solid/solid#solid-platform-notes)\n* [Solid Project directory](https://github.com/solid/solid#project-directory)\n\n## Identity\n\nSolid uses [WebID](http://www.w3.org/2005/Incubator/webid/spec/identity/) URIs\nas universal usernames or actor identifiers. 
Frequently referred to simply as  \n*WebIDs*, these URIs form the basis of most other Solid-related technologies,\nsuch as authentication, authorization, access control, user profiles, discovery\nof user preferences and server capabilities, and more.\n\nWebIDs provide globally unique decentralized identifiers, enable cross-service\nfederated signin, prevent service provider lock-in, and give users control over\ntheir own identity. *The WebID URI's primary function is to point to the\nlocation of a public [WebID Profile document](#profiles) (see below).*\n\n**Example WebIDs:** `https://alice.databox.com/profile/card#me` or\n`http://somepersonalsite.com/#webid`\n\n## Profiles\n\nSolid uses WebID Profile Documents for management of user identity and security\ncredentials (such as public keys), and user preferences discovery.\n\nAlthough here we mostly refer to them in the context of user profiles,\nother types of actors use these profiles as well, such as groups, organizations,\ndevices, and software applications.\n\n### WebID Profile Documents\n\nA WebID URI, when dereferenced, yields a WebID Profile Document in a\nLinked Data format ([Turtle](http://www.w3.org/TR/turtle/) by default, but\noften available as JSON-LD or HTML+RDFa). Parsing this document provides a\nclient application with useful information, such as the user's name and\nprofile image, links to user preferences and related documents, and lists of\npublic key certificates or other relevant identity credentials.\n\n**See component spec:\n  [Solid WebID Profiles Specification](solid-webid-profiles.md)**\n\n## Authentication\n\nAuthentication is the process of determining a user’s identity, of asking the\nquestion “How do I know you are who you say?”.\n\nHow do web applications typically authenticate users (that is, how do they\nverify identity)? The most common method is usernames and passwords. 
A\n*username* uniquely identifies a user (and ties them to a user profile), and a\n*password* verifies that the user is who they say they are. Many applications or\nservices also have a *secondary authentication mechanism* (usually an external\nemail address) that they use for account recovery (in case the user forgets or\nloses their primary authentication tokens, username and password).\n\nSolid currently uses WebID-TLS as its primary authentication mechanism.\nAlternative complementary mechanisms are also being actively investigated.\nIn addition, Solid recommends that server implementations also offer secondary\nauthentication to users for Account Recovery (via email or some\nother out-of-band mechanism).\n\n### Primary Authentication\n\nSolid, being a decentralized web application platform, has a set of requirements\nfor its authentication mechanisms that are not commonly encountered by most\nplatforms and ecosystems. Specifically, it requires *cross-domain*,\ndecentralized authentication mechanisms not tied to any particular identity\nprovider or certificate authority.\n\n#### WebID-TLS\n\n**Note:** Several browser vendors (Chrome, Firefox) have removed support\nfor the `KEYGEN` element, on which WebID-TLS relied for in-browser certificate\ngeneration.\n\nSolid uses the [WebID-TLS\nprotocol](http://www.w3.org/2005/Incubator/webid/spec/tls/) as one of its\nprimary authentication mechanisms. Instead of usernames, it uses WebIDs as unique\nidentifiers, as previously mentioned. And instead of using passwords as bearer\ntokens, it uses cryptographic certificates (stored and managed by the user's web\nbrowser) to prove a user's identity.\n\nWhen accessing a Solid server using WebID-TLS, a user is presented by their\nweb browser with a popup asking them to select an appropriate security\ncertificate for that site. 
After a user makes their selection, the server\nverifies that the browser holds the private key corresponding to a public key\nlisted in that user's [WebID Profile Document](#webid-profile-documents), and\nauthenticates them.\n\n**See component spec:\n  [Solid WebID-TLS Specification](authn-webid-tls.md)**\n\n#### WebID-OIDC\n\nThe Solid team is currently implementing support for WebID-OIDC as another\nprimary authentication mechanism. It is based on the OAuth2/OpenID Connect\nprotocols, adapted for WebID-based decentralized use cases.\n\n**See component spec:\n  [WebID-OIDC Specification](https://github.com/solid/webid-oidc-spec)**\n\n#### Alternative Authentication Mechanisms\n\nThere are several other authentication mechanisms that are\ncurrently being investigated, such as combinations of traditional\nusername-and-password authentication and WebID-TLS Delegation.\n\n### Secondary Authentication: Account Recovery\n\nRegardless of the primary authentication mechanism, bearer tokens and other\nproofs of identity tend to get lost by users. Passwords can be forgotten,\nbrowser certificates can be lost to hardware failure, and so on. Solid\nrecommends that secondary Account Recovery mechanisms are provided by server\nimplementers, to aid in these scenarios.\n\n## Authorization and Access Control\n\nAuthorization is the process of deciding whether a user has *access* to a\nparticular resource. If authentication asks \"who is the user?\", authorization\nis concerned with \"what is the user allowed to do?\".\n\nSolid currently uses the Web Access Control (WAC) mechanism for cross-domain\nauthorization for all its resources.\n\n### Web Access Control\n\n[Web Access Control (WAC)](https://github.com/solid/web-access-control-spec) is\na decentralized system that allows different users and groups various forms of\naccess to resources where users and groups are identified by HTTP URIs. 
The\nsystem is similar to the access control system used within many file systems\nexcept that the documents controlled, the users, and the groups, are all\nidentified by URIs. Users are identified by WebIDs. Groups of users are\nidentified by the URI of a class of users which, if you look it up, returns a\nlist of users in the class. This means a WebID hosted by any server can be a\nmember of a group hosted by some other server.\n\nUsers do not need to have an account (i.e. WebID) on a given server to have\naccess to documents on it.\n\n**See component spec:\n[Solid WAC Specification](https://github.com/solid/web-access-control-spec)**\n\n## Content Representation\n\nSolid deals with reading and writing two kinds of resources:\n\n1. Linked Data resources (RDF in the form of JSON-LD, Turtle, HTML+RDFa, etc.)\n2. Everything else (binary data and non-linked-data structured text)\n\nWhile you can build Solid applications with non-linked data resources, using\nactual RDF-based Linked Data provides you with considerable benefits in terms\nof interoperability with the rest of the Solid app ecosystem.\n\nResources are grouped in directory-like **Containers** (currently conforming\nto the [LDP Basic Container spec](https://www.w3.org/TR/ldp/#ldpbc)).\n\n**See component spec: [Solid Content\n  Representation](content-representation.md)**\n\n## Reading and Writing Resources\n\n### HTTPS REST API\n\nSolid extends the [Linked Data Platform spec](https://www.w3.org/TR/ldp/) to\nprovide a simple REST API for CRUD operations on resources and containers.\n\n**See component spec: [HTTPS REST API](api-rest.md)**\n\n### WebSockets API\n\nSolid also provides a WebSockets-based API for a PubSub (Publish/Subscribe)\nmechanism, through which clients can be notified in real time of\nchanges affecting a given resource.\n\n**See component spec: [WebSockets API](api-websockets.md)**\n\n## Social Web App Protocols\n\nIn addition to read/write operations on resources, Solid provides a number 
of\nspecs and recommendations to help developers achieve interoperability between\nvarious social web applications that are part of the ecosystem.\n\n### Notifications\n\n**See component spec: [Linked Data Notifications](https://www.w3.org/TR/ldn/)**\n\n### Friends Lists, Followers and Following\n\nAPI recommendations for managing subscriptions and friends lists are still\nbeing discussed. TBD.\n\n## Recommendations for Server Implementations\n\n**See component spec: [Recommendations for Server\n  Implementations](recommendations-server.md)**\n\n## Recommendations for Client App Implementations\n\n**See component spec: [Recommendations for Client\n  Implementations](recommendations-client.md)**\n\n## Examples\n\n* [User Posts a Note](examples/user-posts-note.md)\n\n## Current Implementations\n\n**Server Implementations:** See\n[solid/solid-platform](https://github.com/solid/solid-platform#servers) for a\nlist of Solid servers and developer tools.\nNote: The Solid team uses\n[`node-solid-server`](https://github.com/solid/node-solid-server) as\nits main server implementation.\n\n**Client App Implementations:** See\n[`solid-client`](https://github.com/solid/solid-client) for the main client\nlibrary, and [solid/solid-apps](https://github.com/solid/solid-apps) for an\nexample list of Apps built using Solid.\n","funding_links":[],"categories":["Others","Uncategorized","others","WebID","Specifications, Manuals, and other documentation"],"sub_categories":["Uncategorized","BBedit"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsolid%2Fsolid-spec","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsolid%2Fsolid-spec","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsolid%2Fsolid-spec/lists"}