Persona is Shutting Down

Mozilla has announced that Persona will be shutting down November 2016. warden-browserid relies on the Persona service and will stop functioning properly once Persona is shut down. While it is possible to self-host Persona and configure warden-browserid to rely on your own instance, this is difficult and not recommended. See the wiki page linked above for recommended alternatives to Persona for authentication.

A Rack BrowserID Provider

Become a Mozilla BrowserID Primary Identity Provider.

This is a Rack middleware for providing the BrowserID Primary Identity service. I have so far tested this only with Ruby on Rails.

Code Climate Build Status


Add this line to your application's Gemfile:

gem 'browserid-provider'

And then execute:

$ bundle

Or install it yourself as:

$ gem install browserid-provider


In you Rails app config/application.rb, add:

  config.middleware.use BrowserID::Provider, :server_name => "", :delegates => [""]

The default setup relies on Warden to see which user is logged in. This can easily be customized to fit any middleware function.

The available configuration options are the following:

  • authentication_path

    Where to redirect users for login defaults to: "/users/sign_in" (Devise default)

  • provision_path

    What HTTP path to deliver provisioning from defaults to: "/browserid/provision"

  • certify_path

    What HTTP path to deliver certifying from defaults to: "/browserid/certify"

  • whoami_path

    What HTTP path to serve user credentials at defaults to: "/browserid/whoami"

  • jquery_path

    What HTTP path JQuery is served at defaults to: "/assets/jquery.js"

  • whoami

    Name of the middleware to get the current user object from (:user must respond to :email method) This middleware will be called as follows: env['warden'] defaults to: "warden"

  • private_key_path

    Where is the BrowserID OpenSSL private key located defaults to: "config/browserid_provider.pem"

  • The "/.well-known/browserid" path is required from the BrowserID spec and used here.

  • browserid_url

    Which BrowserID server to use, ca be one of the following:

    • for development (default)
    • for beta
    • for production
  • server_name

    The domain name we are providing BrowserID for (default to

  • delegates

    An array of strings representing authority delegates

The client side is JavaScript enabled. For Rails use:

    <%= browserid_authentication_tag %>
    <!-- Enable BrowserID authentication API on the form #new_user -->
    <%= enable_browserid_javascript_tag "new_user" %>

In your login form, add a cancel button like this:

  <%= button_to_function "Cancel", "" %>

Without Rails view helpers (in any framework), you can do:

  $('form#new_user').bind('ajax:success', function(data, status, xhr) { })


  1. Fork it
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Added some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Create new Pull Request