Auth systems

From MediaWiki.org
Jump to: navigation, search

Status[edit | edit source]

2014-03-monthly:

The team prepared the migration of the central OAuth database from mediawiki.org to Meta-Wiki, and got input from the Wikimedia Foundation's legal team regarding the OAuth process.


Rationale[edit | edit source]

There are several specific issues with the existing, authentication methods used on the WMF sites:

  • Increasingly, 3rd party cookies are disabled in browsers
  • Several bugs related to CentralAuth's single sign-on system

Additionally, several new features for authentication and authorization have been requested:

  • OpenID
  • OAuth
  • Cross-wiki editing (Mobile, VisualEditor)

Timeline[edit | edit source]

See Auth systems/2013

Summary:

  • August 2013: SUL2 (fixing CentralAuth bugs and modernizing single-user signon for newer browsers)
  • August 2013: Wikimedia-internal cross-wiki edit tokens
  • November 2013: OAuth
  • Delayed until sometime in 2014: OpenID

Documents[edit | edit source]

Communications[edit | edit source]