Motivation
The fediverse has ~10 million active users, all speaking ActivityPub, all producing JSON-LD. JSS already has basic ActivityPub support. Adding Mastodon-compatible OAuth and API endpoints would let any Mastodon client (Elk, Phanpy, Ice Cubes) log into a JSS instance and interact with pod content — instantly reaching millions of users without them installing anything new.
OIDC already provides 90% of the OAuth 2.0 layer. The remaining work is Mastodon-specific API surface.
Incremental plan
Step 1: Auth compatibility
POST /api/v1/apps — dynamic client registration (OIDC has similar, small adapter)- Map OIDC authorize/token endpoints to Mastodon's expected paths
- Mastodon scopes (
read, write, follow) mapped to Solid ACL permissions
Step 2: Core identity
GET /api/v1/accounts/verify_credentials — return WebID profile as a Mastodon-compatible account object
Step 3: Content
GET /api/v1/timelines/home — map pod resources to a Mastodon-compatible feedPOST /api/v1/statuses — write to pod, federate via ActivityPub
Each step is independently useful. After step 1+2, Mastodon clients can log in. After step 3, they can read and post.
Outcome
A Mastodon user opens their favourite client, enters a JSS instance URL, logs in, and sees their Solid pod content as a fediverse feed. No new account, no new app. Existing Mastodon clients just work.
This bridges Solid to the fediverse — 10 million potential users, zero onboarding friction.
Motivation
The fediverse has ~10 million active users, all speaking ActivityPub, all producing JSON-LD. JSS already has basic ActivityPub support. Adding Mastodon-compatible OAuth and API endpoints would let any Mastodon client (Elk, Phanpy, Ice Cubes) log into a JSS instance and interact with pod content — instantly reaching millions of users without them installing anything new.
OIDC already provides 90% of the OAuth 2.0 layer. The remaining work is Mastodon-specific API surface.
Incremental plan
Step 1: Auth compatibility
POST /api/v1/apps— dynamic client registration (OIDC has similar, small adapter)read,write,follow) mapped to Solid ACL permissionsStep 2: Core identity
GET /api/v1/accounts/verify_credentials— return WebID profile as a Mastodon-compatible account objectStep 3: Content
GET /api/v1/timelines/home— map pod resources to a Mastodon-compatible feedPOST /api/v1/statuses— write to pod, federate via ActivityPubEach step is independently useful. After step 1+2, Mastodon clients can log in. After step 3, they can read and post.
Outcome
A Mastodon user opens their favourite client, enters a JSS instance URL, logs in, and sees their Solid pod content as a fediverse feed. No new account, no new app. Existing Mastodon clients just work.
This bridges Solid to the fediverse — 10 million potential users, zero onboarding friction.