Conversation
There was a problem hiding this comment.
Pull request overview
This PR adds a comprehensive guide for authenticating Node.js scripts with Solid servers using Client Credentials. The guide addresses a common need for automated authentication in server-side scripts, bots, and CI/CD workflows where browser-based authentication isn't available.
Changes:
- Updated the main documentation index with an improved welcome message and added the new authentication guide to the guide list
- Added a complete step-by-step guide covering Client Credentials authentication for Node.js scripts
- Documented both UI-based and API-based methods for generating credentials
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
| docs/index.md | Enhanced welcome text and added link to the new authentication guide |
| docs/guides/authenticating_with_a_script.md | New comprehensive guide covering Client Credentials authentication for Node.js scripts |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
|
@langsamu could you please approve this. |
Two suggestions (2. more important) but good to publish in my opinion. |
|
@copilot please implement the suggested changes made by Samu |
* Initial plan * Address review feedback: load OIDC_ISSUER from env var, add cross-platform instructions Co-authored-by: jeswr <63333554+jeswr@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: jeswr <63333554+jeswr@users.noreply.github.com>
There was a problem hiding this comment.
Again, good to publish in my opinion.
Followed instructions to the letter and got expected result.
Did not try 2.B (get client creds programmatically).
A few suggestions below clarifying OIDC AS vs Solid URI.
A general observation:
Using the WebID profile document as the example of a resource to get using an authenticated fetch has some shortcomings.
- The WebID profile resource is, by definition and necessity, a public one. Retrieving it with an authenticated request is a known anti-pattern.
- The WebID profile resource is not defined to be a Solid resource. Indeed it is not a Solid resource in ESS.
- While 'WebID' is an immediately recognisable term for those familiar with Solid, it might not be as well known for the novice targeted here.
| // In production, load these from environment variables. | ||
| const CLIENT_ID = process.env.SOLID_CLIENT_ID; | ||
| const CLIENT_SECRET = process.env.SOLID_CLIENT_SECRET; | ||
| const OIDC_ISSUER = process.env.SOLID_OIDC_ISSUER; // Your Solid server URL |
There was a problem hiding this comment.
| const OIDC_ISSUER = process.env.SOLID_OIDC_ISSUER; // Your Solid server URL | |
| const OIDC_ISSUER = process.env.SOLID_OIDC_ISSUER; // Your authorization server URL (sometimes called IdP, sometimes same as your Solid server URL |
| main().catch(console.error); | ||
| ``` | ||
|
|
||
| Run the script, passing your credentials and server URL as environment variables. |
There was a problem hiding this comment.
| Run the script, passing your credentials and server URL as environment variables. | |
| Run the script, passing your credentials and authorization server URL (sometimes same as Solid server URL) as environment variables. |
Related: