WebID and Solid Primer

Get up to speed quickly

Solid is a draft W3C specification that extends and combines a set of existing web standards (e.g. Linked Data Platform, OpenID Connect, WebID, Web Access Control, ...) so people and organisations can easily exchange information. Solid was invented by Tim Berners-Lee, the inventor of the World Wide Web. Solid leads to a world wide web, but for personal data.

Solid: A set of rules to standardise data exchange

In essence, Solid is a set of rules. The most fundamental rules of Solid say that there are WebIDs, stores, login methods, authorisation agents and apps. The rest of the Solid rules say how these components should interact with each other so that they can be used interchangeably.

Component 1: WebID

A WebID is a URI that identifies an entity (e.g. a person, an organisation) that should be able to authenticate and receive access to certain data. A WebID URI points to a WebID profile document. This profile document contains several pieces of information, such as pointers to the entity's login methods, stores, data registries, etc.

Component 2: Store

In Solid, a store is a combination of (1) a physical location in which you can store both structured resources (like data in a database) and unstructured data (i.e. files) and (2) an authorisation server containing access controls to those resources. Access controls are defined using WebIDs (e.g. webid.app.com has read access to resource x and webid.organisation.com has write access to resource y). Stores can be attached to multiple WebIDs and one WebID can point to multiple stores.

Component 3: Login method

The profile document also contains a list of login methods, i.e. identity providers at which the WebID owner has an account. These identity providers must follow the Solid-OIDC W3C standard. Even though you can list multiple identity providers, each account at an identity provider can only be used for one WebID. Each use.id WebID has a use.id login method connected to it by default.
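
The list of login methods doubles as a security check: a server that receives a Solid-OIDC token should accept its identity claim only if the WebID profile names the identity provider that issued it. The sketch below is an added example, not code from this page or from use.id. It relies on the `solid:oidcIssuer` predicate and the `webid` token claim defined by Solid-OIDC, assumes the profile is already parsed to expanded JSON-LD and the token signature already verified, and uses constructed function names and sample URLs.

```python
import json
from urllib.parse import urldefrag

# Predicate Solid-OIDC uses to list a WebID's identity providers.
OIDC_ISSUER = "http://www.w3.org/ns/solid/terms#oidcIssuer"

def profile_document_url(webid):
    """URL to dereference for a WebID: the WebID URI without its fragment."""
    return urldefrag(webid).url

def listed_issuers(expanded_profile, webid):
    """Issuers the profile asserts for exactly this WebID, not for other nodes."""
    issuers = set()
    for node in expanded_profile:
        if node.get("@id") != webid:
            continue  # statements about other subjects prove nothing here
        for value in node.get(OIDC_ISSUER, []):
            if "@id" in value:
                issuers.add(value["@id"])
    return issuers

def token_issuer_is_authorised(claims, expanded_profile):
    """True only if the token's issuer is a login method of the claimed WebID."""
    webid, iss = claims.get("webid"), claims.get("iss")
    if not webid or not iss:
        return False  # a token without both claims cannot be tied to a WebID
    # Exact string comparison (assumption: no URL normalisation is applied).
    return iss in listed_issuers(expanded_profile, webid)

# Constructed sample: one document describing two subjects. Only the first
# is the WebID under test; the second lists a different provider.
SAMPLE_PROFILE = json.loads("""
[
  {"@id": "https://alice.example/profile/card#me",
   "http://www.w3.org/ns/solid/terms#oidcIssuer": [{"@id": "https://idp.example/"}]},
  {"@id": "https://alice.example/profile/card#other",
   "http://www.w3.org/ns/solid/terms#oidcIssuer": [{"@id": "https://other-idp.example/"}]}
]
""")

if __name__ == "__main__":
    good = {"webid": "https://alice.example/profile/card#me", "iss": "https://idp.example/"}
    bad = dict(good, iss="https://other-idp.example/")
    print(profile_document_url(good["webid"]))
    print(token_issuer_is_authorised(good, SAMPLE_PROFILE))
    print(token_issuer_is_authorised(bad, SAMPLE_PROFILE))
```

The second token is rejected even though its issuer appears in the same document, because that statement is about a different subject than the WebID in the token.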

Component 4: Authorisation agent

Your profile document also contains a list of your authorisation agents. Such an agent is an application that you, as a WebID holder, trust to make changes to the access controls of your data on your behalf. These agents must follow the W3C Solid Interoperability Specification. Each use.id WebID has an authorisation agent associated with it by default.

Component 5: Apps

Applications can let people log in with their WebID (and preferred login method) and ask for access to data. Because access controls are defined using WebIDs, applications that require access to data need to have a WebID as well.