Authentication is the process of verifying the identity of an agent or a client. To access private data on Solid Pods, you must authenticate as a user/agent who has been granted appropriate access to that data.

Authentication Flow

Authentication in Solid is based on OpenID Connect (OIDC), which means the authentication has the following flow:

  1. The application starts the login process by sending the user to the user’s Solid Identity Provider.

  2. The user logs in to the Solid Identity Provider.

  3. The Solid Identity Provider sends the user back to your application, where the application handles the returned authentication information to complete the login process.

Login Flow: 1) Start Login by redirecting user to Solid Identity Provider. 2) User logs in.  3) Solid Identity Provider redirects the user back to the application to handle the returned authentication information.

Inrupt Client Libraries

Inrupt provides the following libraries for authentication:

  • solid-client-authn-browser to authenticate in a browser.

  • solid-client-authn-node library to authenticate in Node.js.

Generate Token Command Line Application

In addition, Inrupt provides a utility @inrupt/generate-oidc-token to help during the development of a single-user Node.js script. The standalone utility takes a user through the authentication flow and upon successful authentication, outputs the Client ID, Client Secret, and Refresh Token. For information, see @inrupt/generate-oidc-token Utility.