Authorization
Web Access Control (WAC)
We support the full WAC specification, except the WAC-Allow
header #837
Access Control Policy
We do not support yet the ACP specification.
Capability URLs
Added in: activitypods@1.5
We implement capability resources which are defined as WAC Authorizations:
Anyone who know the capability URL can access its corresponding resource like this:
The capability resource itself is not public, but it can be requested with its own URL in the Authorization
header.
We are currently working on an implementation of the ZCAP-LD spec to make capabilities more secure and extensible.