395
cross-posted from: https://lemmy.world/post/29244629
You can also search the Fediverse directly
this post was submitted on 07 May 2025
395 points (98.1% liked)
Fediverse
33336 readers
688 users here now
A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).
If you wanted to get help with moderating your own community then head over to [email protected]!
Rules
- Posts must be on topic.
- Be respectful of others.
- Cite the sources used for graphs and other statistics.
- Follow the general Lemmy.world rules.
Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration)
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Log into browser extension with kagi account
generate tokens
use said tokens
How does this ensure privacy? The tokens are associated to your account from the start.
There’s a link in the second paragraph to the technical details, including source code for the implementation and documentation for the required infrastructure.
But the tl;dr is that the tokens aren’t associated to your account. Unless you were able to snoop on the original request that generated the tokens (in which case, you’ve got bigger issues!), there’s no way to prove that a token is related to a specific account. A token only proves that an authorization server once granted access to some account.
Edit: Wikipedia has a good intro: