App Passwords: Difference between revisions
m Update reference link |
m Add Bluesky link |
||
| (One intermediate revision by the same user not shown) | |||
| Line 1: | Line 1: | ||
An '''App Password''' is an authentication method for third-party apps to sign in to a user's account via their [[PDS]] and create a [[session]]. It only grants third-party apps read-write access to resources like posts, likes, and follows, while not disclosing more sensitive data like a user's email address, password, or (by default) direct messages. | An '''App Password''' is an authentication method for third-party apps to sign in to a user's account via their [[PDS]] and create a [[session]]. It only grants third-party apps read-write access to resources like posts, likes, and follows, while not disclosing more sensitive data like a user's email address, password, or (by default) direct messages. | ||
App Passwords were introduced in April 2023 as “a short-term solution for authentication” until better and more granular authentication methods are available.<ref>[https://bsky.social/about/blog/4-21-2023-atproto-developer-ecosystem "The AT Protocol Developer Ecosystem"]. Bluesky. Retrieved March 12, 2025.</ref> Despite the introduction of OAuth authentication in September 2024,<ref>[https://docs.bsky.app/blog/oauth-atproto "OAuth for AT Protocol"]. Bluesky. Retrieved March 12, 2025.</ref> they remain a core part of the user experience of using third-party apps. | App Passwords were introduced in April 2023 as “a short-term solution for authentication” until better and more granular authentication methods are available.<ref>[https://bsky.social/about/blog/4-21-2023-atproto-developer-ecosystem "The AT Protocol Developer Ecosystem"]. Bluesky. Retrieved March 12, 2025.</ref> Despite the introduction of [[OAuth]] authentication in September 2024,<ref>[https://docs.bsky.app/blog/oauth-atproto "OAuth for AT Protocol"]. Bluesky. Retrieved March 12, 2025.</ref> they remain a core part of the user experience of using third-party apps. | ||
Following the introduction of [[Direct Messages (Bluesky)|direct messages]] in May 2024, Bluesky added an option to allow sessions created through app passwords to also access direct messages.<ref>[https://bsky.app/profile/did:plc:ia76kvnndjutgedggx2ibrem <nowiki>mary [@mary.my.id]</nowiki>] (May 24, 2024). [https://bsky.app/profile/mary.my.id/post/3kt6zalwocs2o "OTA update has been pushed and you can now make app passwords with access to direct messages"]. ([[Post]]) – via [[Bluesky]]. </ref> | Following the introduction of [[Direct Messages (Bluesky)|direct messages]] to [[Bluesky]] in May 2024, Bluesky added an option to allow sessions created through app passwords to also access direct messages.<ref>[https://bsky.app/profile/did:plc:ia76kvnndjutgedggx2ibrem <nowiki>mary [@mary.my.id]</nowiki>] (May 24, 2024). [https://bsky.app/profile/mary.my.id/post/3kt6zalwocs2o "OTA update has been pushed and you can now make app passwords with access to direct messages"]. ([[Post]]) – via [[Bluesky]]. </ref> | ||
== References == | == References == | ||
<references /> | <references /> | ||
Latest revision as of 21:40, 12 March 2025
An App Password is an authentication method for third-party apps to sign in to a user's account via their PDS and create a session. It only grants third-party apps read-write access to resources like posts, likes, and follows, while not disclosing more sensitive data like a user's email address, password, or (by default) direct messages.
App Passwords were introduced in April 2023 as “a short-term solution for authentication” until better and more granular authentication methods are available.[1] Despite the introduction of OAuth authentication in September 2024,[2] they remain a core part of the user experience of using third-party apps.
Following the introduction of direct messages to Bluesky in May 2024, Bluesky added an option to allow sessions created through app passwords to also access direct messages.[3]
References[edit | edit source]
- ↑ "The AT Protocol Developer Ecosystem". Bluesky. Retrieved March 12, 2025.
- ↑ "OAuth for AT Protocol". Bluesky. Retrieved March 12, 2025.
- ↑ mary [@mary.my.id] (May 24, 2024). "OTA update has been pushed and you can now make app passwords with access to direct messages". (Post) – via Bluesky.