Hi Lobsters! A few of us have been hacking on a scaled-down, spiritual successor to Persona, and we think it’s far enough along to show off and get some validation of the idea / architecture.
The core idea is that you treat this (self-hostable!) microservice like a black box: email address goes in, validated proof of identity comes out. No passwords, and no secrets to store in your application’s database.
Behind the scenes, it works similarly to a password reset or passwordless login workflow, but with progressive enhancement so that, e.g., Gmail users go through Google Sign-In instead of having to check their email. We’d love to know what you think!