I'm interested in using Mozilla Persona/BrowserID on my site. Logging in with it already works pretty well. But I also want to act as an identity provider for users who want to create an email address with my domain.
I have implemented a very basic HTTP server using Node.js and Express that handles /.well-known/browserid requests to provide the public key and the paths to the provisioning and authentication pages. But if I visit 123done.org and try to log in with [email protected], it tells me that Persona does not know this email and offers to let me create an identity.
My server never gets a request at mycustomdomain.com/.well-known/browserid, so Persona never really tries to log me in using my server.
This leads me to the question: Is Persona even able to log people in using third-party IdPs, or is Mozilla's the only one that works at the moment?
Third-party identity providers do work today. You can find out more in the official documentation and in these two blog posts from people who have successfully written their own IdPs.
Question for you: Is your IdP exposing the .well-known/browserid support document over HTTPS? Are you using SNI?
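A pre-flight check for the points the answer raises, as an added example that is not part of the original answer or Persona's own code. The function name, the sample document and its paths are constructed for illustration; the field names, the same-host path rule and the `application/json` content type are assumptions based on the Persona IdP documentation.

```javascript
// Added example: validate how a BrowserID support document is served
// before expecting a relying party to discover the domain as an IdP.
const SUPPORT_PATH = '/.well-known/browserid';

// Constructed sample; the key material is a placeholder, not a real key.
const SAMPLE_DOC = JSON.stringify({
  'public-key': { algorithm: 'RS', n: '<modulus>', e: '65537' },
  authentication: '/persona/sign_in.html',
  provisioning: '/persona/provision.html',
});

// Returns a list of problems; an empty list means the checks passed.
function checkSupportDocument(url, contentType, body) {
  const problems = [];
  let parsedUrl;
  try {
    parsedUrl = new URL(url);
  } catch (e) {
    return ['not a valid URL: ' + url];
  }
  if (parsedUrl.protocol !== 'https:') problems.push('must be served over HTTPS');
  if (parsedUrl.pathname !== SUPPORT_PATH) problems.push('path must be ' + SUPPORT_PATH);
  if (!/^application\/json\b/i.test(contentType || '')) {
    problems.push('Content-Type should be application/json');
  }

  let doc;
  try {
    doc = JSON.parse(body);
  } catch (e) {
    problems.push('body is not valid JSON');
    return problems;
  }
  if (doc === null || typeof doc !== 'object' || Array.isArray(doc)) {
    problems.push('body must be a JSON object');
    return problems;
  }
  // Both pages must live on the IdP's own host, so only absolute paths pass.
  for (const key of ['authentication', 'provisioning']) {
    const v = doc[key];
    if (typeof v !== 'string' || !v.startsWith('/') || v.startsWith('//')) {
      problems.push('"' + key + '" must be a path on the same host');
    }
  }
  const pk = doc['public-key'];
  if (pk === null || typeof pk !== 'object' || typeof pk.algorithm !== 'string') {
    problems.push('"public-key" must be an object with an "algorithm"');
  }
  return problems;
}
```

Feed it the URL, `Content-Type` header and body from a real fetch of your own domain; it does not check the TLS certificate or SNI behaviour, which need to be tested against the live server.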