Identifiers in ActivityPub tend to be HTTPS URIs. The use of WebFinger (as defined in RFC 7033) allows for discovery of an actor's identifier given a username and a hostname, which may be more socially salient or otherwise easier to communicate across various contexts and media. The username and hostname are resolved at the WebFinger endpoint of the hostname in order to discover a link to an actor associated with the user's account, and that actor similarly can be back-linked to the username and hostname.
+Identifiers in ActivityPub tend to be HTTPS URIs. The use of WebFinger (as defined in [[RFC7033]]) allows for discovery of an actor's identifier given a username and a hostname, which may be more socially salient or otherwise easier to communicate across various contexts and media. The username and hostname are resolved at the WebFinger endpoint of the hostname in order to discover a link to an actor associated with the user's account, and that actor similarly can be back-linked to the username and hostname.
This is required.
@@ -39,14 +39,17 @@Conventionally, people can be identified by their user@domain address, while documents can be identified by their HTTPS location.
Given a username and hostname in the form user@domain:
acct: URI of the form acct:user@domainacct: URI as the value of the resource query parameterFor example, the WebFinger address alyssa@social.example can be resolved as a resource by making an HTTP GET request for https://social.example/.well-known/webfinger?resource=acct:alyssa@social.example (or https://social.example/.well-known/webfinger?resource=acct:alyssa%40social.example if percent-encoded). This request MUST returns a JRD (JSON Resource Descriptor) with application/jrd+json as the content type (assuming no specified Accept header).
The WebFinger request and response may look like this:
+Given a username and hostname in the form user@domain:
acct: URI of the form acct:user@domain (as defined in [[RFC7565]])acct: URI as the value of the resource query parameter (as described in [[RFC7033]])For example, the WebFinger address alyssa@social.example can be resolved as a resource by making an HTTP GET request for https://social.example/.well-known/webfinger?resource=acct:alyssa@social.example (or https://social.example/.well-known/webfinger?resource=acct:alyssa%40social.example if percent-encoded). This request MUST returns a JRD (JSON Resource Descriptor) with application/jrd+json as the content type (assuming no specified Accept header).
The WebFinger request and response may look like this:
GET /.well-known/webfinger?resource=acct:alyssa@social.example HTTP/1.1 Host: social.example @@ -74,7 +77,17 @@- +Discovery
] }
At this point, you can parse for the href of the element of links that has a rel of self and a type of either application/ld+json; profile="https://www.w3.org/ns/activitystreams" or application/activity+json (depending on the implementation).
Given an actor with an id and a preferredUsername:
id to discover the WebFinger domainpreferredUsername and the WebFinger domain in order to form a WebFinger addresssubject contains an acct: URI different from the one you constructed, perform a verification discovery against that acct: URI instead. (In such cases, the subject of the JRD denotes the expected canonical identifier.)