WebIDs

Learn more about the WebID and Solid W3C standards.
Why use a WebID?

Login and share data

People can use their WebID in two ways:
  • Log in
    People can use a WebID to log in at an application.
    Learn more
  • Share data
    People can share data with another WebID (such as a WebID of a company, person or application).
    Learn more
Who needs a WebID?
In the next generation web, access controls for private data are defined using WebIDs. This means that any party who wants to get access to this data should have a WebID.

People

A person needs a WebID so they can login at applications and share data with other parties such as other people, organisations and applications. An example of a person's WebID is use.id/john.

Organisations

Organisations need a WebID if they want to let others (e.g. customers, employees, suppliers, ...) share information with them. An example of an organisation's WebID is webid.digita.ai

Apps

Apps also need a WebID if they want access to the data of others*. Apps are a bit special because they also need to define what data they require in order to function properly in a machine readable format. This way, when a user logs in, the user's authorisation agent knows what data it should share with the app. An example of an application's WebID is webid.app.use.id.

*  If an app does not require access to data (i.e. the app only wants to let others login using their WebID) the app doesn't necessarily require a WebID.
What is a WebID?
A WebID is an identifier in the form of a HTTP URI. This identifier points to a profile document. The profile document contains (1) several key components and (2) information about the entity.
The key components of a WebID profile document are:
  • Store(s)
    A WebID profile document contains a list of storage locations (commonly called pods). These storage locations follow the W3C Linked Data Platform standard. A WebID document can point to multiple storage locations. A storage location can be shared with multiple WebIDs. Access controls to resources within those storage locations are defined using WebIDs as well using the WAC or ACP standards. Each use.id WebID has a use.id store attached to it by default.
  • Login method(s)
    The profile document also contains a list of login methods, i.e. identity providers at which the WebID owner has an account. These identity providers must follow the Solid-OIDC W3C standard. Even though you can list multiple identity providers, each account at an identity provider can only be used for one WebID. Each use.id WebID has a use.id login method connected to it by default.
  • Authorisation agent(s)
    Your profile document also contains a list of your authorisation agents. Such an agent is an application that you, as a WebID holder, trust to make changes to the access controls of your data on your behalf. These agents must follow the W3C Solid Interoperability Specification. Each use.id WebID has an authorisation agent associated with it by default.
  • Access grants registry
    Your profile document points to a registry that is a list of other WebIDs of which you can access data. For example, this registry could say that you have access to data associated with Bob's and Alice's WebID.
  • Access needs registry
    In contrast to social actors, applications need to be able to specify up front, in a machine readable language what kind of data they require to work properly. As such, WebID profile documents for applications contain an additional registry: one to define those data types in the form of W3C Linked Data Shape Trees.
WebID Features

Portable data vaults and authentication without a vendor lock-in

Your own (virtual) data vault...

You can consider your WebID as your own virtual data vault. You can connect multiple (Solid compliant) data vaults (a.k.a. pods) and OpenID Connect identity providers with your WebID. A WebID allows you to have a unified view over federated data.

... shareable with whatever party of your choice

When you want, you can easily share selected pieces of information from your WebID by sending third parties a link to those pieces instead of sending them the actual information. This way, companies or friends have a direct connection with you or the single version of your truth. This means that to keep in touch with your friends or the companies you like, you don’t have to rely on platforms such as Facebook or Instagram. Another benefit would be that, when you want to connect to a company, you don’t have to re-enter the same data over and over again or worry whether they will keep it up-to-date (e.g. when you move house).

... stored wherever you want

Of course, changing your WebID (e.g. from use.id/john to my.id/john) will bring the same kind of trouble that you get when changing your email address or phone number. However, because the actual storage locations (i.e. pods) are abstracted, you can easily move your data from one storage location to another without concerns.

... browsable by whatever app you want

You can access your WebID, like the data that is associated* with it using any Solid compatible app just like you can use apps like Outlook or Thunderbird to access your emails. Certain apps will give a specific view on specific kinds of data whilst others might even give you an overview over all your data.

*  This could be data of yourself or data of others that is shared with your WebID.

... putting you in control over your data

A WebID also contains a registry of who can access what. By doing so, it effectively allows you to store and control your privacy preferences like you would manage the permissions of your apps on your smartphone.