Why Farcaster Doesn't Need OAuth 2.0


OAuth exists to let three separate parties (user → platform → third-party app) establish mutual trust. Farcaster is built on a decentralized architecture that collapses this triangle:

1. Identity & Authentication

  • User-owned keys: A user-controlled cryptographic signature proves control of a Farcaster ID—no intermediary.
  • Dev mappings
    • Sign In with X → Sign-in with Farcaster (SIWF)
    • OAuth 2.0 Authorization Flow → Quick Auth

2. Data Access & Permissions

  • Open, replicated data: Social data like casts, reactions, and profiles live on Snapchain and can be read by anyone.
  • No permission scopes: Everything is already public; you filter what you need instead of requesting scopes.
  • Zero-cost reads: Sync the chain yourself or hit a public indexer—no rate caps, no $5k+/month firehoses.
  • Cryptographic writes: Users can delegate a key to applications so the applications can write on their behalf.
  • Dev mappings
    • Centralized APIs → Snapchain + infra services (e.g. Neynar)
    • Access token → no equivalent, data is public
    • Write permissions → App Keys
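
The "Write permissions → App Keys" mapping above, as an added example that is not Farcaster's or Snapchain's own code: a write is accepted because it is signed by a key the user delegated for that Farcaster ID, not because it carries a bearer token. The in-memory `registry`, the JSON encoding, the sample FIDs and all function names are assumptions for illustration; real messages use the protocol's own encoding and key registry.

```javascript
const crypto = require('node:crypto');

// Constructed stand-in for the public key registry: FID -> Set of active app public keys.
const registry = new Map();
const delegate = (fid, pub) => registry.set(fid, (registry.get(fid) ?? new Set()).add(pub));
const revoke = (fid, pub) => registry.get(fid)?.delete(pub);

// Deterministic bytes to sign (assumed encoding, not the protocol's wire format).
const encode = ({ fid, text }) => Buffer.from(JSON.stringify([fid, text]));

// Ed25519 key pair standing in for an App Key; the app holds privateKey, `pub` is public.
function newAppKey() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
  return { pub: publicKey.export({ format: 'jwk' }).x, privateKey };
}

// The app signs each write; nothing secret travels with the message.
function signWrite(appKey, body) {
  const signature = crypto.sign(null, encode(body), appKey.privateKey).toString('base64');
  return { body, signer: appKey.pub, signature };
}

// Anyone can verify using only public data.
function verifyWrite(msg) {
  // 1. Authorization: is this key currently delegated by the FID the message claims?
  if (!registry.get(msg.body.fid)?.has(msg.signer)) return false;
  // 2. Integrity: does the signature cover exactly these bytes?
  const key = crypto.createPublicKey({
    key: { kty: 'OKP', crv: 'Ed25519', x: msg.signer },
    format: 'jwk',
  });
  return crypto.verify(null, encode(msg.body), key, Buffer.from(msg.signature, 'base64'));
}

// Constructed demo: FID 1 delegates a key to an app, the app writes, the user revokes.
const demoKey = newAppKey();
delegate(1, demoKey.pub);
const demoCast = signWrite(demoKey, { fid: 1, text: 'gm' });
console.log('valid write:', verifyWrite(demoCast));
console.log('tampered body:', verifyWrite({ ...demoCast, body: { fid: 1, text: 'edited' } }));
console.log('key used for another FID:', verifyWrite(signWrite(demoKey, { fid: 2, text: 'gm' })));
revoke(1, demoKey.pub);
console.log('after revocation:', verifyWrite(demoCast));
```

Unlike a leaked OAuth access token, a copied message gives an attacker nothing to replay as a new write; the secret to protect is the app's private key, and removing the key from the registry is the revocation path.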

Builder Takeaways

  1. Skip OAuth flows—wallet signature = auth.
  2. Forget permission scopes—use filters.
  3. Enjoy building permissionlessly.

Resources