Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
When you create a Fission Account, whether signing up on the web or using the command line as a developer, it creates a username and email address in our service database, and also a private / public key pair representing that account.
We also create a Fission Web Native File System (WNFS) attached to your account, and given you access to Fission Drive, which lets you browse all your files, access them from any browser, and see which apps are attached to your file system.
We verify your email address, and can use that to help manage aspects of your service with us. You hold access to the keys connected to your account, and sign in happens automatically.
We encourage you to "link" your account to multiple devices -- your desktop and your phone, your home and your work computers, and so on. These devices can then be used to login, or link more accounts. You can read more about Account Linking »
Each device gets their own private key using the WebCrypto API built into modern browsers. Private keys shouldn't be copied around, so instead, we link keys indicating they have access to the same account.
There is no "sign out" for a Fission-powered app. You use your key to do a passwordless login, stored in your local desktop browser, mobile web browser, or your local desktop file system with the command line developer tool.
While your device is linked with a key, Fission apps will check that you have a key with the proper permission, and will just let you right in, without having to remember a password or even a username.
This is like your smartphone: only a single user is "logged in" to their personal phone, and they aren't shared.
A Fission app is more like an app that you download on your phone. When you don't want the app anymore, you delete it.
If you want it again in the future, you download it again, by giving permission to the app store to install it. You then might give permission to access other parts of your phone, like the camera or GPS.
We don't delete the data that the app stored for you, since it's stored in your own Fission File System -- just like data is stored on your phone.
As part of signing into an app, an app will ask for certain permissions. Right now, these are mostly related to access to your file system.
By default, every app needs access to an App Folder. You'll need to at least grant access to an App Folder for the app to function correctly.
Instead of signing out, you may want to revoke -- or delete -- an app's access to your account.
You can even revoke access to the default Drive app, but we'll ask you to make an extra confirmation. You'll need to use another tool or developer API access to manage your Fission File System attached to your account.
Browsers and desktop computers aren't smartphones, and they do get shared. You can unlink a device -- remove your key -- by visiting the Fission Auth page.
You may create multiple Fission accounts, but you'll need a unique email address and username for each one. You'll also need to use Browser Profiles to be able to access them at the same time on the same machine, as the keys that grant access are stored in the browser.
Fission Drive lets you browse public, unencrypted files stored on IPFS.
Fission Drive is currently a preview release of our upcoming file storage and identity system that lets you take your files anywhere, encrypted end-to-end as well as for public hosting of files, websites, and apps.
The Preview release is an exploration of the interface, and currently supports only public files.
You can browse any IPFS directory, not just those hosted on Fission, by entering in the hash, or Content ID (CID), of a directory.
You can use QmbCLefkFuXbhHBWSW7PWmJzBL7W7e8zm41HK4DGJ1RDwV
as an example folder to browse. Visit drive.fission.codes to try it out.
The hash above represents Boris' public files, which you can also see in the default IPFS browser at boris.fission.name.
Preview supports system wide / browser settings for dark vs. light mode and will switch automatically when you change those settings.
Note: ChromeOS does not currently support dark mode.
Clicking on an image will give you a file preview.
Click on the double arrows in the top right hand corner to embiggen the preview to full screen. Hit the X to close the preview.
The "Open in new tab" link will give you a permanent link for sharing the current file, using the Fission IPFS gateway.
Yes, this works on mobile!
Use arrow keys to navigate, enter to open preview.
Make a recovery kit and never lose access to your account
Fission users can recover a lost account with a Recovery Kit. You can create a Recovery Kit in the Fission Dashboard to ensure you will always have access to your account.
Account recovery is only needed when you do not have any linked devices. If you have lost access on one device, but are still signed in on another device, you can use account linking instead.
Sign in to the Fission Dashboard and select Recovery Kit.
To create a Recovery Kit, you need to grant the Fission Dashboard access to your private files. This step is necessary for the Dashboard to recover your private files.
Allow creating a recovery kit and grant permission in the Fission Auth Lobby.
After granting permission, you can create a Recovery Kit.
The recovery kit should be stored somewhere safe. Anyone with access to your Recovery Kit can access your private files. If you lose your Recovery Kit, you will not be able to recover your account.
Download your Recovery Kit and save it somewhere safe.
We recommend you store it on a device or storage medium that you will not easily lose.
If you have lost access to your account, you can recover it with a Recovery Kit from the Fission Dashboard.
Select the Recover your account option below the sign in button.
You will need your Recovery Kit and access to the email you used to create the account.
Drag your recovery kit onto the upload box or click the box to select it from your file system. Fission Dashboard will import your recovery kit.
After Fission Dashboard imports your Recovery Kit, select send email.
Fission will send you verification email. Click on the link in the email and the recovery page will give you an option to recover your account.
Select recover account and re-link your account by signing into the Fission Auth Lobby.
Make sure to keep the recovery page open while you re-link your account.
The Fission Auth Lobby and account recovery page will show you confirmation codes.
When you are satisfied that the codes match, confirm in the account recovery page.
After confirming, Fission will recover your account, and you can access your files again.
Your Recovery Kit will work again if you need to recover your account in the future.
To get setup on different devices or browsers, follow the account linking process
To have access to your account across multiple devices, you need to link them.
When you visit an app on a new device and Sign in with Fission, or if you go directly to the Fission Auth page, you'll be prompted to either create a new account or link an existing one:
If you have an account already, click the sign in button:
The only thing you need to know is your username. Enter it, and hit the link account button:
As you can see, you are now being asked to open the Fission Auth page on your other device. This might be your other computer or perhaps your phone. There is also a short message telling us that this is for the boris0902
username.
Once you open the Fission Auth page on your other device, it will detect the linking request and display a page like this.
The new device you are linking should show the same numbers:
Since we can see the numbers are the same, we can go ahead and hit the "Approve" button, and you'll see this success message.
Switching to the new device you were linking, you'll see this message:
Now you can use either device with full authorization
And yes, this works on mobile too:
The Linking an existing user guide has details on linking accounts used at the command line.
Get your first site up and running with this beginner-friendly guide
With fission
installed, we are ready to set it up on your local machine. If this is your first time using fission
, you will be prompted for a username and an email to confirm your new account.
A private key has been generated for your machine and saved in the ~/.config/fission/key/
directory. This key secures your communication with Fission services and works like using an SSH key to connect to GitHub.
Let's publish a simple webpage with Fission! We will write a simple webpage, register it as a Fission app, and publish it to the web.
Create a project directory and an index.html
file.
Add some content to index.html
:
Run fission app register
command to initialize the webpage as a Fission app. You will be prompted for a build directory.
Press enter to set hello-universe
as your build directory, and fission
will initialize your app.
Fission will create a fission.yaml
file with your app configuration.
Run fission app publish
to publish the webpage.
Copy the URL from the last line and paste it into your web browser to view the webpage live on the web. Nice and simple!
It may take a few minutes for DNS to propagate. If you don't see the webpage live at the URL, come back and try again in a bit. You can also take the URL from the CLI output and view the webpage athttps://ipfs.runfission.com/ipfs/{URL}
right away.
Like all Fission apps -- including the ones made by Fission directly -- you need to give permission to the Dashboard app to access your account info.
Migrate your file system to get the latest features
Fission will occasionally change how your file system is stored to enable new features, improve performance, and improve security. Some of these changes require a file system migration.
Because Fission has no control over your file system, we cannot migrate your file system for you. To help you with migrations, we've developed a command-line tool that upgrades your file system to the latest version.
After removing a device, you will be able to create a new account. New accounts are always created at the latest file system version.
Multiple devices. If you have signed in on multiple devices, remove each device and link them again after you have created a new account.
At the moment, running a migration requires familiarity working with the command line on your machine.
The Webnative File System (WNFS) migration tool will use your linked credentials when migrating your file system.
wnfs-migration
You can now install the migration CLI tool with npm:
npm install --global wnfs-migration
wnfs-migration
Make sure the output of npm bin
is on your PATH. If it is not, you can prepend your command with the path returned from npm bin
, for example: $
/home/me/node_modules/bin/wnfs-migration
At this point, wnfs-migration
has migrated a local copy of your WNFS. It will then ask you to confirm that you want to overwrite the synced version of your file system on the Fission servers.
Enter Y
to confirm or n
to decline and abort the migration process. If you confirm, wnfs-migration
will sync your migrated file system:
If you already have an account created in a web browser, you can link it on your local machine. See the to link your account.
The url
is where your webpage will be on the web after it has been published, build
tells the fission which directory to publish, and ignore
is a list of files and directories to ignore. See the for more details.
shows the verification status of your account. You can resend your verification email if it ended up in your spam.
If your file system is outdated, you will see a message like this in the Auth Lobby ():
If you decide that your username and data are not worth keeping, go to and click the text "remove this device" on the bottom of the page. Keep in mind that you will not be able to access data associated with the account afterward.
There is a live beta of the development version available at https://dashboard-develop.fission.app/. It might delete your apps or eat your JavaScript.
All of the apps that you have published with your account are listed on the Apps page.
As well as using the Fission CLI to register and publish apps, you can drag and drop a folder of HTML, CSS, and JavaScript files to create and publish your app directly from the browser.
Behaviour between drag-and-drop and the file chooser differs slightly!
If you upload files via drag-and-drop, e.g. by selecting the files index.html
and styles.css
and dropping both, you'll end up with these two files at the root of your app, so e.g. at your-app.fission.app/index.html.
If you upload files via clicking on the drop area, you'll open a directory chooser. There, select the directory that contains all files you want to have served on your app. So, e.g. choose the build
directory that contains the index.html
and styles.css
files.
When you click on an app in your apps list, you get to a page you can update, rename or delete your apps on.
The Fission CLI account management commands
Use fission setup
, fission user whoami
, and fission login
to set up your account, display your username, and link your account in web browser.
The fission setup
command registers your account with Fission or links to your existing Fission account.
When you register a new account, you will be prompted for a username and an email. Fission will send you an email to confirm your account and complete your registration.
The fission setup
command will create a global config.yaml
file in your ~/.config/fission
directory. See the Global Fission YAML guide for more information about the config.yaml
file.
The registration process will also create a Fission Drive for you automatically at the URL YOURNAME.fission.name
using your Fission username.
Use fission user whoami
to display your username.
You can link your Fission account in a web browser to interact with Fission-enabled apps. The fission login
command sets up the CLI to listen for requests to link your account.
Open the Fission auth lobby in a browser window, select "Sign In", enter your Fission username, and select "Link Account".
The browser window and command line will display confirmation codes. Verify that the confirmation codes match and grant access at the command line.
The browser window will update to show that you have successfully linked your account.
If you are signed into a Fission account in a web browser, you can link your account and use it at the command line.
Open the Fission auth lobby in a browser window.
Use fission setup
to create and link a CLI user at your command line.
When prompted, enter Y
to confirm you have an account and enter your username from the browser window. The auth lobby and CLI will display a confirmation code.
When you have confirmed that the codes match, approve in the browser, and the CLI will complete the setup process and link your account.
You can set up your machine with an existing account if you have the machine_id.ed25519
key. Use --with-key
argument and the path to your key.
The webnative software development kit offers tools for:
Auth. Users make an account and link their account across devices in the Fission Auth Lobby.
Storage. The webnative file system (WNFS) stores user data for apps.
UCAN and DID tools for working with UCANs and distributed identities
Platform APIs for interacting with user apps
Versions. This guide is versioned for each version of the CLI/Webnative SDK. See the top left above Overview in the sidebar to select the version of CLI or SDK you are working with. Latest represents all versions newer that last numbered version. We will always add a numbered version when a breaking change occurs.
API documentation and code. Read more in the API reference (or an alternate view) and in the webnative code repository.
Have questions? Come join the Fission Discord server or post your question to the Fission Developer forum. We are here to help!
An introduction to Fission for developers
The Fission CLI and Webnative SDK are developer tools for interacting with Fission services. This section will introduce the technologies used in these tools and describe how they work on your machine and in the broader network.
The Fission CLI and Webnative SDK use the InterPlanetary File System (IPFS) for networking and data transfer. IPFS uses peer-to-peer communication to exchange data between peers.
What is IPFS? IPFS is a distributed system for storing and accessing files, websites, applications, and data. If you aren't already familiar with IPFS, you may want to read Protocol Lab's What is IPFS? guide.
In the browser, the Webnative SDK connects with Fission peers to access and update user data. Likewise, the Fission CLI connects with Fission peers to publish websites. In both cases, you can substitute your own peers by running your own Fission server.
Apps that use Webnative communicate with Fission peers through a shared worker provided by the Fission Auth Lobby. You can pass an instance of js-ipfs
to Webnative to bring your own peers.
More to come. We are planning to cover more concepts here. Come by our Discord server if you have questions on what we have covered so far.
Installing the Webnative SDK
You can add the webnative SDK to a project by loading it from a CDN or installing it with a package manager.
For prototyping or experimentation, you can use the latest version of the SDK.
We recommend linking to a specific version in production to avoid unexpected changes.
We recommend installing with a package manager for larger projects that use build tools or bundlers.
Install the SDK with npm
or your preferred package manager.
Import the SDK in your application.
The Fission CLI commands for generating credentials
Use fission generate credentials
to generate key pairs and DIDs.
The fission generate credentials
command generates a new Ed25519 key pair and an associated DID.
See the W3C did:key Method specification for details on the derivation of DIDs from public keys.
Generated key pairs are not stored anywhere and are not associated with your Fission user account. Be careful to store a copy somewhere safe.
The Fission Command Line Interface (CLI)
The Fission CLI is a developer tool for working with apps and managing your account on the Fission platform.
The Fission CLI uses multipart commands with the structure:
Commands group related subcommands into operations on apps or accounts. Options extend functionality or display help information.
Shortcuts combine a command and subcommand into a shortcut command:
The options that would apply to the multipart command also apply to the shortcut.
This guide covers the most commonly used options. More options are available for you to explore and you can always join our Discord to ask us more about them!
The --help
option displays a quick reference at any command level.
At the top level, fission --help
displays a high-level summary of all commands and shortcuts.
More information on global and app YAML configuration files.
Fission stores global and app configuration options in YAML files. The global configuration is stored in a config.yaml
file and app configurations are stored in fission.yaml
files.
After you run fission user setup
, you will have a global config.yaml
in your ~/.config/fission/
folder. You can open config.yaml
in a text editor or display it at the command line.
The default global config.yaml
will looks something like this:
In most cases, the only thing you will want to change in this file is the ignore
section. The other sections are managed by the Fission CLI.
Ignore is a list of files you don't want fission app publish
to publish. For example, you might add commonly ignored files and secrets.
Ignore follows the same conventions used in a .gitignore
file.
Username is a name you select for yourself during fission setup
.
The UCAN that was used to link from another device or browser. null
if the account was created on this device.
Server DID is the identity of the Fission server that authenticates your requests when using the Fission CLI.
We configure your machine to directly connect to our servers. The peers are the IP addresses and fingerprints of our servers.
You can also fetch our active public peers from the peers endpoint: https://runfission.com/ipfs/peers
Eventually, we'll have a list of peers around the world.
Timestamp of the last check for an updated version of the CLI.
The path to the key used to sign requests made when using the Fission CLI.
When you create a new app with fission app register
, a fission.yaml
file is created in the directory where you ran the command. The default fission.yaml
file looks something like:
Ignore works the same as the ignore in the global configuration. You can use it to list files that you do not want to publish.
You might use it to ignore a directory like node_modules
or all files with an extension like Photoshop .psd
files.
YAML can specify lists in a couple of different ways, both like this, or as comma-separated list shown in the global config.yaml
example above.
The URL where your app is viewable after it has been published.
Eventually, you will be able to publish different versions of your app -- for example, development, testing, production, etc. -- and use custom domains for your app.
The build directory is the directory the Fission CLI will publish. Use this when you have a build step that produces a production-ready version of your application.
The build directory is set as a relative path from the location of the fission.yaml
file.
If you are using a well-known build directory, the Fission CLI will attempt to detect it the first time you run fission app register
. It will prompt you and ask if you would like to use the directory it detects.
Authentication and Authorization with the Webnative SDK
Apps redirect users to the Auth Lobby to sign up and request authorization to use resources. Sign-up only happens once, and each subsequent visit from any app is for authorization only.
The Auth Lobby grants apps authorization to access WNFS. Apps request permission to use app-specific storage and additional public and private directories. The Auth Lobby creates a User Controlled Authorization Networks (UCAN) token that reflects the requested permissions.
Webnative checks the UCAN at initialization and returns an auth scenario.
AuthSucceded. The user has just returned from the Auth Lobby, and they granted the requested permissions.
Continuation. The user has already granted permission, and the UCAN has not expired.
AuthCancelled. The user denied the requested permissions.
NotAuthorised. The user has not granted permission yet or the UCAN has expired.
UCANs expire and users must periodically re-authorize apps through the Auth Lobby. All user data is preserved in WNFS across authorizations, including the data stored in App Storage.
One case where logging out is desirable is on a shared device. Logging out on a shared device can be accomplished in two steps:
Remove the UCAN token from apps that were granted permissions with the webnativewn.leave
function
Paths in the Webnative SDK
Webnative uses directory and file paths built from path segments by path functions.
Path Objects. The path functions create objects like { directory: ["public", "some", "directory"] }
or { file: ["public", "some", "file"] }
. We recommend you use path functions because they validate paths to make sure they are well-formed.
The Fission CLI commands to work with apps
Use the fission app
command and its subcommands to work with apps. The main operations are registering an app, publishing an app, and displaying information about an app.
The fission app register
command initializes a new app and links it to your Fission account.
You will be prompted for a build directory. The Fission CLI will publish your app from the build directory you select.
If you are using a common build directory, the Fission CLI will detect it when you run fission app register
and suggest it. You accept the suggestion or enter another build directory as a relative path from the fission.yaml
file.
The fission app register
command has advanced options:
Use the fission app publish
command to publish your app to the web. Run this command from the directory that contains your app's fission.yaml
configuration file.
The fission app publish
command publishes your app and associates it with the URL in the fission.yaml
file. After your app is published, the Fission CLI will output a success message and the URL for your app.
The fission up
command is a shortcut for fission app publish
.
The fission app publish
command has advanced options:
You can continuously publish your app by adding the --watch
option. The Fission CLI will watch your build directory and publish whenever it detects a change.
This means that as you work in your local development environment, changes are continuously streamed online as you save. Note that some development environments have different code and output options than "production", but this will allow you to quickly and easily share a live online version with other people.
Use fission app info
to display the URL where your app is viewable.
The fission app delegate
command delegates the capability to work with apps to a DID:
You can delegate apps you have registered on your machine or delegate from environment variables by setting FISSION_MACHINE_KEY
and FISSION_APP_UCAN
to an Ed25519 private key and a UCAN whose audience is associated with the key. Both environment variables must be set.
The command assumes least privilege by defaulting to Append
potency and limiting the UCAN lifetime to five minutes. Both potency and lifetime can be set when more potency or a longer lifetime are desired.
The fission app delegate
command has advanced options:
Users authenticate once per browser in the . If the user is new to Fission, they are prompted to sign up. They may also link an existing account from another browser.
Auth in webnative looks similar to an OAuth authentication flow but with an important difference. Webnative stores user credentials in the browser, and authentication through a third-party is not necessary. Private credentials are stored as CryptoKey
s to keep them secure. See the of the Fission Whitepaper for more details.
More on UCANs. Read more about UCANs in our blog post and in the .
Apps intialize webnative with and permissions. The redirectToLobby
method redirects users to the Auth Lobby, where users grant or deny permission to use their resources. redirectToLobby
takes an optional parameter, a URL that the lobby should redirect back to (the default is location.href
).
In most cases, users will not need to log out of an app or a device. Read more about this part of our vision for Fission-enabled apps in the forum post.
Log out from the Auth Lobby on the reset page ()
All webnative SDK methods expect paths created by path functions. See the for more path utility functions.
The Fission CLI will create a fission.yaml
configuration file with a list of files to ignore, a URL where your app will be viewable after it is published, and a build directory. See the for more information about the fission.yaml
file.
You can also use a custom domain name for your app. See the guide to set up a custom domain name.