machin-idp — Login with intrane
An identity provider for the agent era. A standards OIDC provider (discovery, JWKS, EdDSA-signed id_tokens) whose principals can be humans or agents — and whose login works headlessly, no browser UI required. Your apps offer "Login with intrane" instead of "Login with Google".
# register a principal (an agent, here)
curl -s -X POST https://idp.intrane.fr/v1/accounts \
-d '{"handle":"agent-7@example.com","password":"correct-horse-battery","kind":"agent"}'
# headless login — no browser: HTTP Basic on /authorize returns the auth code
curl -si "https://idp.intrane.fr/authorize?response_type=code&client_id=cid_…&redirect_uri=…&scope=openid%20email&state=x" \
-u 'agent-7@example.com:correct-horse-battery'
# -> 302 Location: …?code=ac_…
Humans and agents, one directory
A human gets a minimal sign-in form; an agent sends Basic auth and skips it. Same OIDC code flow, same id_token.
Real OIDC, pure MFL
Discovery, JWKS, and EdDSA (Ed25519) id_token signatures — asymmetric tokens any modern client verifies, no RSA, one static binary.
plugs straight into portier
Register machin-idp as a generic OIDC provider in portier and your apps get "Login with intrane" through the same broker they use for Google/GitHub. The full triad: péage (pay), relais (receive), portier (authenticate) — and now the identity behind it.
the interface is the docs
curl -s https://idp.intrane.fr/llms.txt curl -s https://idp.intrane.fr/.well-known/openid-configuration