nostr/nips
1
0
Fork 0
mirror of https://github.com/nostr-protocol/nips.git synced 2024-09-19 22:35:50 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity
101cd793ee
nips/97.md
Semisol 101cd793ee
NIP-97
2024-02-12 23:30:31 +03:00

1.1 KiB
Raw Blame History

NIP-97

Nostr Login

draft optional

This NIP defines a method for a way for users to prove to apps that they control a certain private key. This can be used to enable login for services like the management panel of image hosts.

Login URI

A login URI is defined of the format nostr+login:<domain>:<identifier> where domain MUST be a valid DNS domain or .onion service. The identifier MUST only consist of A-Z a-z 0-9 _ - ..

This login URI can be presented as a clickable link, a QR code or a copyable string.

Login process

A client that wishes to log in to a service SHOULD display the domain associated with the service to the end user before allowing them to log in to prevent services showing a login string for another service.

After the user approves the login, the client should send a POST request to /.well-known/nostr-login to the domain with the i query parameter set to the identifier and a valid NIP-98 authentication header present.

HTTPS should always be used except for .onion services, which should be contacted using HTTP.

Clients MAY or MAY NOT decide to implement support for .onion services.