@graze.social (and I) just open sourced AIP, a small but powerful service to ease OAuth session handling in the ATmosphere. It supports both did:plc and did:web identities and simplifies session management for apps using ATProtocol. - ThreadSky

ngerakines.me • 3 days ago

@graze.social (and I) just open sourced AIP, a small but powerful service to ease OAuth session handling in the ATmosphere. It supports both did:plc and did:web identities and simplifies session management for apps using ATProtocol.

Comments

tauheed-elahee.ca•3 days ago

📌

mackuba.eu•3 days ago

Hey, so about that license… 😅 (here and in jetstream-turbo)

devingaffney.com•3 days ago

Fixed on Jetstream! @ngerakines.me I can also edit if you need me to!

https://github.com/graze-social/jetstream-turbo

ngerakines.me•3 days ago

That was a stub from before I got the go-ahead to open source it. MIT license will be applied this evening.

ngerakines.me•3 days ago

cloudhunter.co.uk•3 days ago

moni.fans•3 days ago

Remarkable

immber.bsky.social•3 days ago

Would this be stood up by the oAuth clients and serve as an authorization proxy, or is it meant for those who are hosting and need to provide an authorization service? Or both? Sounds super neat, but solution unclear??

rafael.my•2 days ago

📌

ngerakines.me•3 days ago

AIP makes it easy to manage OAuth and app-password sessions in one place. It handles auth flows, token persistence, and lets identities move across AppViews with fewer headaches.

ngerakines.me•3 days ago

One of the most annoying parts of OAuth is session refreshing. AIP solves that. It proactively refreshes sessions so your apps get fresh tokens without blocking the user.

ngerakines.me•3 days ago

AIP isn’t just a session manager: it can proxy XRPC calls too. That means your app can talk to a PDS through AIP without ever needing to store or refresh credentials directly.

ngerakines.me•3 days ago

By offloading token handling and session refresh logic to AIP, you can build apps that are faster, simpler, and more secure, especially in multi-identity or federated setups.

knotbin.com•3 days ago

Amazing! I really want to use this but it doesn't seem to have any documentation yet. Do you know what endpoints are used for oauth and proxying?

thisismissem.bsky.social•3 days ago

I'm not entirely sure what this does in practice, are there more docs coming?

ngerakines.me•3 days ago

AIP handles OAuth and app-password auth for ATProto. Auth once to get a JWT, then fetch DPoP or bearer creds for API calls. It also auto-refreshes sessions, so tokens stay valid without blocking your app.

rhalin.bsky.social•3 days ago

I think to Emilia’s point - the docs only talk about running it, they don’t indicate anything about what endpoints are available, what they do, or how to integrate this into an app 1/3

rhalin.bsky.social•3 days ago

*Emelia, sorry!!

rhalin.bsky.social•3 days ago

As an example - suppose I have this running. How do I update my app to start the flow and make service calls in the background of my app? Where do I get the appropriate tokens, etc?

I believe it does this, but as a consumed service it should be an example in the docs so we don’t have to dig 2/3

rhalin.bsky.social•3 days ago

And I fully get that this is brand new/just out!! No shade! Time is a limited resource! Just that it would be nice to have these things for faster adoption and getting people onboard with it faster 🙂 esp. given that it relieves a Huge blocker for a lot of folks! 3/3

thisismissem.bsky.social•3 days ago

@ngerakines.me ^ this is more what I mean, like I think I get what this is as a concept (though I have questions) but what it is in practice still is unclear to me, all of @rhalin.bsky.social questions apply

Comments

Posting Rules

Reply