Updates:
- 2025-04-23: New registration process
- 2025-05-10: Security considerations
Reverting back to C2S authentication based on actor keys: #618 - FEP-ae97: Main actor key - fediverse/fep - Codeberg.org
Yet another update, Media API: #682 - FEP-ae97: Update proposal - fediverse/fep - Codeberg.org
Iām a -1 on that form of the media upload API, rather than trying to use a .well-known URI that would need to be registered with IANA, we should instead use the uploadMedia endpoint in the Actor document.
This endpoint is defined here: SocialCG/ActivityPub/MediaUpload - W3C Wiki
Though it should be possible to upload media without an associated Object payload, and also be possible to delete uploaded media (erroring if itās attached to a published object)
1 Like
FEP-ae97 deals with portable actors that are managed by clients. These actor documents may be served by multiple servers (gateways) and there is no single endpoint that a client could add to the endpoints mapping.
But I agree that introducing yet another well-known URI is not optimal. Maybe there should be a single discovery endpoint similar to /.well-known/oauth-authorization-server from RFC-8414.
Good point about deleting media. I will probably use DELETE /.well-known/apgateway-media/{hashlink} for that.
1 Like
I just noticed.
The example in:
should have an id.
At least if you want to be compatible to
1 Like
This is not intended to be a valid controller document. Just an ephemeral JSON document with similar fields.
Another update: #691 - FEP-ae97: Delete media - fediverse/fep - Codeberg.org
- Added
GET /.well-known/apgatewayendpoint for detecting whether the server supports FEP-ae97 clients or not. Thanks @MediaFormat for suggestion! - Added
DELETE /.well-known/apgateway-media/{hashlink}endpoint for deleting media. Thanks @thisismissem for suggestion!
1 Like