Implementation of jouw.id

jouw.id just opened up to the (Dutch) public, powered by Athumi. I figured I’d check it out and share some first impressions here.

On first sight it looks like it’s just a project for a couple of explicitly-supported Dutch media companies, but the FAQ does explicitly mention that it is based on Solid:

What technology does jouw.id use?

The data vault is securely stored on European servers (in our case managed by the Flemish public company Athumi) and works on the basis of the Solid standard. It was developed by Sir Tim Berners-Lee, the inventor of the WWW (World Wide Web), to give people control over their data. In the future, jouw.id can collaborate with other logins and with other data vaults that use the Solid standard.

Given that their intended business model (as per the same FAQ) appears to be that apps that you sign in to pay jouw.id, it seems that they do intend restricting it to a select number of clients, and at the moment, those clients also only work with jouw.id. Like for BBC Together+, this would be a shame - my main interesting in Solid is being able to store data in a location of my choosing, that I could even self-host (and thus fully control), if I want.

That said, at the moment it does look like you can use it with any client, if you use https://idp.jouw.id as your IDP. And they do have an explicitly designed permission screen that you end up with, so fingers crossed that this is intended to be supported.

Now as for the technical details. Connecting to the Pod with Penny, I see that I have two storage locations by default:

The first one appears to be where data is actually stored, and is handled by Athum (datanutsbedrijf.be). The second one appears to host my profile and account data, but it does seem to be a full Pod as well, using CSS NSS (thanks @ewingson for the correction) version 5.7.11. Presumably that was just the easiest way to set up an IDP.

The profile doesn’t contain much data, though it does also point to a largely-unused profile document on the main storage server:

Other than that, the IDP server has a bunch of default Resources (public and private type indexes, settings, etc.), but they’re all empty except for a /settings/serverSide.ttl.inactive Resource, which I assume is left over from some past experiment and only contains:

@prefix dct: <http://purl.org/dc/terms/>.
@prefix pim: <http://www.w3.org/ns/pim/space#>.
@prefix solid: <http://www.w3.org/ns/solid/terms#>.

<>
  a pim:ConfigurationFile;

  dct:description "Administrative settings for the POD that the user can only read." .

</>
    solid:storageQuota "25000000" .

The main storage server I think runs ESS. What’s interesting is that it uses Access Control Policies (ACPs), whereas the IDP server uses Web Access Control (WAC), which bolsters my existing opinion that access control in Solid is a mess - now apps even need to be able to handle all access control mechanisms for a single user.

The management app writes data to the storage Pod, and it (understandably) doesn’t do the follow-your-nose setup where everything is discoverable from the profile document - instead, it hardcodes a couple of paths. One is .datavillage, which contains some a private and a public key, judging by the Resource names:

The other is an /sndk/ (“Stiching Nederlandse datakluis”, I think?) Container at the root, with some client-specific Containers, with data in JSON-LD - though some of it apparently not requestable as Turtle. Here’s an example of one that is, /sndk/npo/themes.jsonld (NPO is a Dutch public broadcasting organisation):

@prefix dc:   <http://purl.org/dc/elements/1.1/> .
@prefix ldp:  <http://www.w3.org/ns/ldp#> .
@prefix owl:  <http://www.w3.org/2002/07/owl#> .
@prefix rdf:  <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
@prefix rdfs: <http://www.w3.org/2000/01/rdf-schema#> .
@prefix xsd:  <http://www.w3.org/2001/XMLSchema#> .

[ <http://xmlns.com/foaf/0.1/interest>
          <https://npo.nl/themas/NOS-Nieuws> ] .

<https://npo.nl/themas/NOS-Nieuws>
        <http://www.w3.org/2004/02/skos/core#note>
                31446 .

I’ll leave opinions on the contents for the RDF buffs out there.

Anyway, I think that’s about the time I have for now. Would be interested in reading other peoples’ thoughts as well.

6 Likes

Thanks for a great report! Just to make sure I’m following, did I get it right that this is only available to Dutch citizens but is free to them; that it uses a CSS IDP and an ESS storage?

I have questions about the WebID profile document. Is it user editable via Solid apps? If not, how is it editable? What predicate/predicates does it use to link to the profile document on the main storage server?

1 Like

Vincent, thanx for a great summary.
however, I noticed a very small inconsistency.

CSS and version 5.7.11 does not seem to fit together.

NSS is one after 5.7.11 and CSS is on 7.x

I have done a curl -i https://idp.jouw.id and a
curl -i https://app.jouw.id and all I found is that the implementation seems to be based on Next.js

the ecosystem grows !

I’m not sure if it’s only available to Dutch citizens (I didn’t see any particular check and didn’t try with a VPN), but it certainly seems targeted at Dutch citizens. Other than that yes, with the correction that it appears to be NSS, not CSS - thanks @ewingson for noticing.

Yes, I can edit the profile document on NSS, via Penny (a Solid app). http://www.w3.org/2000/01/rdf-schema#seeAlso is used to point to the doc on the main storage server.

1 Like

Thanks for the analysis.

I confirm it does not seem to be restricted to Dutch citizens, and is functional with external Solid apps (tried it successfully with https://solidbench.dev).

Once you’re logged in, you can go to partner media websites like https://npo.nl, where they can detect you’re logged in, and offer you to specify media preferences.
This results in such a file, per media provider, in your pod :

{
"@context":{ 
  "foaf":"http://xmlns.com/foaf/0.1/",
  "skos":"http://www.w3.org/2004/02/skos/core#"
},
"@id":"_:b0",
"foaf:interest":[
  {"@id":"https://npo.nl/themas/Series","skos:note":{"@value":80506}},
  {"@id":"https://npo.nl/themas/Muziek","skos:note":{"@value":568}},
  {"@id":"https://npo.nl/themas/Cultuur","skos:note":{"@value":227}}
]}
1 Like