Identity/Firefox-Accounts: Difference between revisions
| Line 19: | Line 19: | ||
Persona is an awesome federated identity protocol, not an account system. | Persona is an awesome federated identity protocol, not an account system. | ||
Mozilla needs an account database to deliver a fantastic, integrated experience across all its products. Unfortunately, delivering awesome services involves some less exciting, but still important aspects, like making sure users have had a chance to inspect our terms of service and privacy policies. We must also comply with local laws and regulations, e.g., [http://www.coppa.org/ COPPA]. It would be inconvenient for users to have to verify a terms of service, a privacy policy, and COPPA at each individual Mozilla. We believe that users should only have to inspect our terms of service, privacy policy, and go through COPPA verification '''once''' for all our services. Firefox Accounts enables us to do that. | Mozilla needs an account database to deliver a fantastic, integrated experience across all its products. Unfortunately, delivering awesome services involves some less exciting, but still important aspects, like making sure users have had a chance to inspect our terms of service and privacy policies. We must also comply with local laws and regulations, e.g., [http://www.coppa.org/ COPPA]. It would be inconvenient for users to have to verify a terms of service, a privacy policy, and COPPA at each individual Mozilla service. We believe that users should only have to inspect our terms of service, privacy policy, and go through COPPA verification '''once''' for all our services. Firefox Accounts enables us to do that. | ||
== Can I use Persona to log in to my Firefox Account? == | == Can I use Persona to log in to my Firefox Account? == | ||
Revision as of 23:49, 27 October 2013
What Is Firefox Accounts?
Firefox Accounts is consumer account system which provides access to services run by Mozilla, such as Firefox Marketplace and the next version of Firefox Sync. A user can sign in with a Firefox Account to all her "Foxes": Firefox on Desktop, Firefox for Android, and Firefox OS. Signing into a Firefox browser or device gives the user access to integrated Mozilla Services on that browser or device that requires authentication (e.g., Firefox Sync). Longer term we envision that non-Mozilla services and applications will be able to delegate authentication to Firefox Accounts.
Firefox Accounts also functions as a key server for applications that encrypt data, such as the next version of Firefox Sync.
FAQ
Will I be required to create a Firefox Account to use Firefox?
No, of course not! Firefox Accounts will only be required for Mozilla Services that require authentication, such as Firefox Sync and Firefox Marketplace.
How do I create and sign in to a Firefox Account?
Firefox Accounts will work much like authentication works on the rest of the web. You create a Firefox Account with a verified email and password. You sign in to Firefox Accounts with your email and password. Password reset works by responding to an email challenge.
What's the difference between Persona and Firefox Accounts?
Persona is an awesome federated identity protocol, not an account system.
Mozilla needs an account database to deliver a fantastic, integrated experience across all its products. Unfortunately, delivering awesome services involves some less exciting, but still important aspects, like making sure users have had a chance to inspect our terms of service and privacy policies. We must also comply with local laws and regulations, e.g., COPPA. It would be inconvenient for users to have to verify a terms of service, a privacy policy, and COPPA at each individual Mozilla service. We believe that users should only have to inspect our terms of service, privacy policy, and go through COPPA verification once for all our services. Firefox Accounts enables us to do that.
Can I use Persona to log in to my Firefox Account?
Not initially, but it's something we're investigating to add in the future.
Resources
Firefox Accounts Server
- Authentication Protocol: Identity/AttachedServices/KeyServerProtocol
- Code: https://github.com/mozilla/picl-idp
- API documentation: https://github.com/mozilla/picl-idp/blob/master/docs/api.md
- Dev servers
- FxA API: https://idp.dev.lcip.org
- FxA Jelly: https://accounts.dev.lcip.org/flow (code at https://github.com/mozilla/firefox-account-bridge)
- Key stretching performance tests: https://wiki.mozilla.org/Identity/AttachedServices/Key_Stretching_Performance_Tests
Firefox Accounts on Desktop
Firefox Accounts integration on Firefox for Desktop is happening in the "elm" project branch. We are also working out of a github repo for "pre-elm" experimentation.
Firefox Accounts on Android
Firefox Accounts integration on Firefox for Android is happening in the "elm" project branch.
Firefox Accounts on Firefox OS
We are currently focused on how to implement Firefox Accounts in FirefoxOS. This is a collaborative effort working closely with TEF engineers.
Our current line of thought is below and a work-in-progress:
- High level document with background and goals: https://id.etherpad.mozilla.org/fxa-on-fxos
- Lower level document with concrete distinct components: https://id.etherpad.mozilla.org/fxa-on-fxos-madrid
- Architectural diagram: https://docs.google.com/file/d/0B0Az-aXpSyQJZ2xCdWRwWTNoRDQ/edit?usp=sharing&pli=1
- Branch: https://github.com/lloyd/gaia
- UX: https://www.dropbox.com/s/eao8d36gkygvv3c/spec_ffos_fte_jgruen_10_18_13.pdf
Contacts
- Leads: Chris Karlof, Jed Parsons
- IRC: #picl (general FxA, and FxA on Desktop and Android), #native_identity (for FxA on FxOS)
- List: dev-fxacct@mozilla.org
- Engineering: Brian Warner, Danny Coates, Ryan Kelly, Zach Carter, Nick Alexander, Sam Penrose, Shane Tomlinson
- UX: John Gruen, Ryan Feeley
Related
Demos
- Firefox Accounts + Firefox Sync on Android: https://vimeo.com/77667079
- Firefox Accounts + Firefox Sync on Desktop: https://vimeo.com/77717494