AT Protocol Developers
@atproto.com
Social networking technology created by Bluesky.
Developer-focused account. Follow @bsky.app for general announcements!
Bluesky API docs: docs.bsky.app
AT Protocol specs: atproto.com
Developer-focused account. Follow @bsky.app for general announcements!
Bluesky API docs: docs.bsky.app
AT Protocol specs: atproto.com
"Find friends by phone" is a common tool in social networks. We're proposing a secure scheme and requesting comments from the dev community.
Goals:
・Double opt-in: you're not findable by your phone unless YOU use the tool
・Secure to enumeration attacks
・Resistant to decryption if compromised
Goals:
・Double opt-in: you're not findable by your phone unless YOU use the tool
・Secure to enumeration attacks
・Resistant to decryption if compromised
Request For Comments: A secure contact import scheme for social networks | Bluesky
This article outlines plans for a future Bluesky feature \- it doesn’t exist yet\! By sharing our ideas early, we hope to solicit feedback from the community.
docs.bsky.app
November 18, 2025 at 11:04 PM
"Find friends by phone" is a common tool in social networks. We're proposing a secure scheme and requesting comments from the dev community.
Goals:
・Double opt-in: you're not findable by your phone unless YOU use the tool
・Secure to enumeration attacks
・Resistant to decryption if compromised
Goals:
・Double opt-in: you're not findable by your phone unless YOU use the tool
・Secure to enumeration attacks
・Resistant to decryption if compromised
Reposted by AT Protocol Developers
Recently we hired @jimray.bsky.team as a new devrel at Bluesky, and I wanted to give him an overview of the Atmosphere. We recorded the session!
I give you: Squeeky Board with Paul and Jim, a detailed overview of AT://
I give you: Squeeky Board with Paul and Jim, a detailed overview of AT://
Squeeky Board with Paul and Jim
YouTube video by Paul Frazee
www.youtube.com
November 11, 2025 at 11:33 PM
Recently we hired @jimray.bsky.team as a new devrel at Bluesky, and I wanted to give him an overview of the Atmosphere. We recorded the session!
I give you: Squeeky Board with Paul and Jim, a detailed overview of AT://
I give you: Squeeky Board with Paul and Jim, a detailed overview of AT://
for folks working with the PLC identity system:
we are planning to remove a set of non-compliant operations from the directory, which should make it easier to implement replicas and audits. these are predominantly test operations created by security researchers.
we are planning to remove a set of non-compliant operations from the directory, which should make it easier to implement replicas and audits. these are predominantly test operations created by security researchers.
October 29, 2025 at 6:35 PM
for folks working with the PLC identity system:
we are planning to remove a set of non-compliant operations from the directory, which should make it easier to implement replicas and audits. these are predominantly test operations created by security researchers.
we are planning to remove a set of non-compliant operations from the directory, which should make it easier to implement replicas and audits. these are predominantly test operations created by security researchers.
app devs: we have some new AT OAuth resources and examples for you!
linked off this intro page we have new example projects showing how to do client auth using reference SDKs for TypeScript and Go.
and the buried lede: an Expo library for doing AT OAuth in React Native mobile apps
linked off this intro page we have new example projects showing how to do client auth using reference SDKs for TypeScript and Go.
and the buried lede: an Expo library for doing AT OAuth in React Native mobile apps
OAuth Introduction - AT Protocol
OAuth for AT Protocol application developers.
atproto.com
October 22, 2025 at 8:28 PM
app devs: we have some new AT OAuth resources and examples for you!
linked off this intro page we have new example projects showing how to do client auth using reference SDKs for TypeScript and Go.
and the buried lede: an Expo library for doing AT OAuth in React Native mobile apps
linked off this intro page we have new example projects showing how to do client auth using reference SDKs for TypeScript and Go.
and the buried lede: an Expo library for doing AT OAuth in React Native mobile apps
Reposted by AT Protocol Developers
atmosphere devs! 🧑🚀
just published a protocol checkin: docs.bsky.app/blog/protoco...
tl;dr
expect to see a lot of updates from us in the next few months. we're hard at work on making AT easier to build on & ensuring the network remains a resilient foundation for the future of open social
just published a protocol checkin: docs.bsky.app/blog/protoco...
tl;dr
expect to see a lot of updates from us in the next few months. we're hard at work on making AT easier to build on & ensuring the network remains a resilient foundation for the future of open social
Protocol Check-in (Fall 2025) | Bluesky
We last shared a protocol roadmap back in March 2025, and wow does time fly. If we're being honest, we haven't tied a bow on as many of these threads as we would've hoped. Oh time, strength, cash, and...
docs.bsky.app
October 20, 2025 at 9:59 PM
atmosphere devs! 🧑🚀
just published a protocol checkin: docs.bsky.app/blog/protoco...
tl;dr
expect to see a lot of updates from us in the next few months. we're hard at work on making AT easier to build on & ensuring the network remains a resilient foundation for the future of open social
just published a protocol checkin: docs.bsky.app/blog/protoco...
tl;dr
expect to see a lot of updates from us in the next few months. we're hard at work on making AT easier to build on & ensuring the network remains a resilient foundation for the future of open social
Reposted by AT Protocol Developers
okay and as promised, the bluesky PDS is officially open for returning users to migrate their accounts back!
hoping this lowers the stakes & gives folks the confidence to explore some other PDSs in the network!
docs.bsky.app/blog/incomin...
hoping this lowers the stakes & gives folks the confidence to explore some other PDSs in the network!
docs.bsky.app/blog/incomin...
Enabling Account Migration Back to Bluesky’s PDS | Bluesky
One of the core promises of AT is the seamless account migration between PDS hosts. Since federation opened up in the AT network, it has been possible to migrate away from the Bluesky PDS and between ...
docs.bsky.app
September 26, 2025 at 6:12 PM
okay and as promised, the bluesky PDS is officially open for returning users to migrate their accounts back!
hoping this lowers the stakes & gives folks the confidence to explore some other PDSs in the network!
docs.bsky.app/blog/incomin...
hoping this lowers the stakes & gives folks the confidence to explore some other PDSs in the network!
docs.bsky.app/blog/incomin...
All services should now be recovered!
An upstream network problem has been impacting almost all Bluesky network services for the past 3-4 hours. Posting and other public interactions are disrupted for many accounts.
As connectivity recovers, the firehose and other services will see large surges of events.
As connectivity recovers, the firehose and other services will see large surges of events.
September 24, 2025 at 1:16 PM
All services should now be recovered!
An upstream network problem has been impacting almost all Bluesky network services for the past 3-4 hours. Posting and other public interactions are disrupted for many accounts.
As connectivity recovers, the firehose and other services will see large surges of events.
As connectivity recovers, the firehose and other services will see large surges of events.
September 24, 2025 at 12:37 PM
An upstream network problem has been impacting almost all Bluesky network services for the past 3-4 hours. Posting and other public interactions are disrupted for many accounts.
As connectivity recovers, the firehose and other services will see large surges of events.
As connectivity recovers, the firehose and other services will see large surges of events.
Reposted by AT Protocol Developers
very excited to share this update about bringing AT to the IETF!
last week we uploaded two drafts to the IETF datatracker and today we heard that we’re approved to host a Birds of a Feather at IETF 124 (the formal meeting towards establishing a working group)
last week we uploaded two drafts to the IETF datatracker and today we heard that we’re approved to host a Birds of a Feather at IETF 124 (the formal meeting towards establishing a working group)
Taking AT to the IETF | Bluesky
Last week we posted two drafts to the IETF Data Tracker. This is the first major step towards standardizing parts of AT in an effort to establish long-term governance for the protocol.
docs.bsky.app
September 23, 2025 at 9:20 PM
very excited to share this update about bringing AT to the IETF!
last week we uploaded two drafts to the IETF datatracker and today we heard that we’re approved to host a Birds of a Feather at IETF 124 (the formal meeting towards establishing a working group)
last week we uploaded two drafts to the IETF datatracker and today we heard that we’re approved to host a Birds of a Feather at IETF 124 (the formal meeting towards establishing a working group)
Reposted by AT Protocol Developers
excited to share that we are following through on our earlier commitments and putting together an independent+neutral organization to house the DID PLC system, includes the directory service
Creating an Independent Public Ledger of Credentials (PLC) Directory Organization | Bluesky
The Bluesky Social app is built on an open network protocol that refers to each user by a unique Decentralized Identifier, or DID (a W3C standard). The most popular supported DID method was developed ...
docs.bsky.app
September 19, 2025 at 9:31 AM
excited to share that we are following through on our earlier commitments and putting together an independent+neutral organization to house the DID PLC system, includes the directory service
Quick update on Auth Scopes!
Covering the granular permissions roll out for end users and client app devs. Permission Sets and formal specifications are still being worked on. We recommend devs start exploring and experimenting, but hold off on shipping major production app updates for now.
Covering the granular permissions roll out for end users and client app devs. Permission Sets and formal specifications are still being worked on. We recommend devs start exploring and experimenting, but hold off on shipping major production app updates for now.
Progress on Auth Scopes Implementation (August 2025) · bluesky-social atproto · Discussion #4118
Since our last update on Auth Scopes, the Bluesky team has been hard at work adding support to our reference PDS implementation. Aspects of this work are starting to roll out in the production netw...
github.com
August 18, 2025 at 7:04 PM
Quick update on Auth Scopes!
Covering the granular permissions roll out for end users and client app devs. Permission Sets and formal specifications are still being worked on. We recommend devs start exploring and experimenting, but hold off on shipping major production app updates for now.
Covering the granular permissions roll out for end users and client app devs. Permission Sets and formal specifications are still being worked on. We recommend devs start exploring and experimenting, but hold off on shipping major production app updates for now.
Reposted by AT Protocol Developers
Adversarial ATProto PDS Migration www.da.vidbuchanan.co.uk/blog/adversa...
aka how to migrate your account if your old PDS explodes, and how to prepare for it in advance
aka how to migrate your account if your old PDS explodes, and how to prepare for it in advance
Adversarial ATProto PDS Migration | Blog
www.da.vidbuchanan.co.uk
July 28, 2025 at 6:50 PM
Adversarial ATProto PDS Migration www.da.vidbuchanan.co.uk/blog/adversa...
aka how to migrate your account if your old PDS explodes, and how to prepare for it in advance
aka how to migrate your account if your old PDS explodes, and how to prepare for it in advance
we just published an updated proposal for "Auth Scopes", and are interested in your feedback!
this is a mechanism for OAuth clients to request granular permissions to PDS resources. for example, only write repo records of specific types, or only authenticate to specific remote endpoints
this is a mechanism for OAuth clients to request granular permissions to PDS resources. for example, only write repo records of specific types, or only authenticate to specific remote endpoints
github.com
July 1, 2025 at 11:12 PM
we just published an updated proposal for "Auth Scopes", and are interested in your feedback!
this is a mechanism for OAuth clients to request granular permissions to PDS resources. for example, only write repo records of specific types, or only authenticate to specific remote endpoints
this is a mechanism for OAuth clients to request granular permissions to PDS resources. for example, only write repo records of specific types, or only authenticate to specific remote endpoints
OAuth updates for app devs!
Over the past few weeks we've been chatting with devs and doing a pass over our SDKs and docs to address issues. This blog post summarizes the main changes we've made, some tweaks still in flight, and links to longer form writing about security and design trade-offs
Over the past few weeks we've been chatting with devs and doing a pass over our SDKs and docs to address issues. This blog post summarizes the main changes we've made, some tweaks still in flight, and links to longer form writing about security and design trade-offs
OAuth Improvements | Bluesky
We've been making improvements to the end-user and developer experiences with atproto OAuth, and wanted to share some updates.
docs.bsky.app
June 13, 2025 at 7:26 PM
OAuth updates for app devs!
Over the past few weeks we've been chatting with devs and doing a pass over our SDKs and docs to address issues. This blog post summarizes the main changes we've made, some tweaks still in flight, and links to longer form writing about security and design trade-offs
Over the past few weeks we've been chatting with devs and doing a pass over our SDKs and docs to address issues. This blog post summarizes the main changes we've made, some tweaks still in flight, and links to longer form writing about security and design trade-offs
Two types of OAuth client are supported by atproto: "public" and "confidential"
This new article digs in to the security trade-offs and safety mechanisms at play, and how they impact different app architectures: TMBs, BFFs, SPAs, etc
This new article digs in to the security trade-offs and safety mechanisms at play, and how they impact different app architectures: TMBs, BFFs, SPAs, etc
OAuth Client Security in the Atmosphere · bluesky-social atproto · Discussion #3950
The following was written by the Bluesky team as an overview of OAuth client security considerations, especially for client app developers or readers of the ATProto OAuth profile specification. Set...
github.com
June 13, 2025 at 12:14 AM
Two types of OAuth client are supported by atproto: "public" and "confidential"
This new article digs in to the security trade-offs and safety mechanisms at play, and how they impact different app architectures: TMBs, BFFs, SPAs, etc
This new article digs in to the security trade-offs and safety mechanisms at play, and how they impact different app architectures: TMBs, BFFs, SPAs, etc
bsky.storage is an independent project that automates periodic account data backups to a storage network, and has a UI for PLC identity backup and recovery
tools like this give users stronger control of their online future, without needing to self-host an entire PDS
tools like this give users stronger control of their online future, without needing to self-host an entire PDS
The internet was meant to be free - your identity shouldn’t be locked behind a login screen.
Introducing bsky.storage 🐔🤝🦋
Now you can back up your Bluesky data hourly + recover your account if Bluesky ever goes dark. Simple, free, & fully in your control.
Learn more:
medium.com/@storacha/in...
Introducing bsky.storage 🐔🤝🦋
Now you can back up your Bluesky data hourly + recover your account if Bluesky ever goes dark. Simple, free, & fully in your control.
Learn more:
medium.com/@storacha/in...
Introducing bsky.storage: Own Your Social Identity
Take back control of your online identity. Our new tool, bsky.storage, backs up your Bluesky account hourly — free, secure &…
medium.com
June 12, 2025 at 6:13 PM
bsky.storage is an independent project that automates periodic account data backups to a storage network, and has a UI for PLC identity backup and recovery
tools like this give users stronger control of their online future, without needing to self-host an entire PDS
tools like this give users stronger control of their online future, without needing to self-host an entire PDS
we've rolled out some small changes to the DID PLC directory which make it possible to register new key types as verificationMethod entries, for non-atproto use cases.
(this does not impact the PLC rotation key mechanism itself; that is still limited to P-256 and K-256)
have fun building on PLC!
(this does not impact the PLC rotation key mechanism itself; that is still limited to P-256 and K-256)
have fun building on PLC!
Relaxing DID PLC Verification Method Constraints, June 2025 · bluesky-social atproto · Discussion #3928
We’ve made a minor change to the PLC Directory service, with the aim of expanding compatibility with non-atproto apps and services: “verificationMethod” keys can now be almost any key type, includi...
github.com
June 5, 2025 at 8:59 PM
we've rolled out some small changes to the DID PLC directory which make it possible to register new key types as verificationMethod entries, for non-atproto use cases.
(this does not impact the PLC rotation key mechanism itself; that is still limited to P-256 and K-256)
have fun building on PLC!
(this does not impact the PLC rotation key mechanism itself; that is still limited to P-256 and K-256)
have fun building on PLC!
Reposted by AT Protocol Developers
fresh atproto proposal! this one is for the oauth, app architecture, and security folks: github.com/bluesky-soci...
here we're defying the labels of traditionally "public" vs "confidential" oauth clients, and challenging assumptions about what it means to be a browser-based app. 1/8
here we're defying the labels of traditionally "public" vs "confidential" oauth clients, and challenging assumptions about what it means to be a browser-based app. 1/8
proposals/0010-client-assertion-backend at main · bluesky-social/proposals
Bluesky proposal discussions. Contribute to bluesky-social/proposals development by creating an account on GitHub.
github.com
June 5, 2025 at 2:36 AM
fresh atproto proposal! this one is for the oauth, app architecture, and security folks: github.com/bluesky-soci...
here we're defying the labels of traditionally "public" vs "confidential" oauth clients, and challenging assumptions about what it means to be a browser-based app. 1/8
here we're defying the labels of traditionally "public" vs "confidential" oauth clients, and challenging assumptions about what it means to be a browser-based app. 1/8
we've got a new proposal up with more Ozone moderation report reasons!
if you run a labeler, or develop a client which submits mod reports, take a look, and leave feedback on the linked Github discussion
if you run a labeler, or develop a client which submits mod reports, take a look, and leave feedback on the linked Github discussion
proposals/0009-mod-report-granularity at main · bluesky-social/proposals
Bluesky proposal discussions. Contribute to bluesky-social/proposals development by creating an account on GitHub.
github.com
May 21, 2025 at 6:21 PM
we've got a new proposal up with more Ozone moderation report reasons!
if you run a labeler, or develop a client which submits mod reports, take a look, and leave feedback on the linked Github discussion
if you run a labeler, or develop a client which submits mod reports, take a look, and leave feedback on the linked Github discussion
are you a dev building an independent app on atproto and want a smoother OAuth account sign-up flow?
are you a user wanting visibility and control over OAuth sessions?
PDS operator wanting to add some ✨sparkle✨?
this blog post is for you!
are you a user wanting visibility and control over OAuth sessions?
PDS operator wanting to add some ✨sparkle✨?
this blog post is for you!
Network Account Management | Bluesky
Accounts in the atproto network are app-neutral: a single account can be used for short posts, long-form blogging, events, and more. But until now, the best way for users to create and manage accounts...
docs.bsky.app
May 9, 2025 at 5:34 PM
are you a dev building an independent app on atproto and want a smoother OAuth account sign-up flow?
are you a user wanting visibility and control over OAuth sessions?
PDS operator wanting to add some ✨sparkle✨?
this blog post is for you!
are you a user wanting visibility and control over OAuth sessions?
PDS operator wanting to add some ✨sparkle✨?
this blog post is for you!
interested in relay infrastructure and firehose protocol details?
we have an update for you about our new relay implementation, and progress on rolling out Sync v1.1
we have an update for you about our new relay implementation, and progress on rolling out Sync v1.1
Relay Updates for Sync v1.1 | Bluesky
We have an updated relay implementation which incorporates Sync v1.1 protocol changes, and are preparing to switch over the bsky.network relay operated by Bluesky. This post describes new infrastructu...
docs.bsky.app
May 2, 2025 at 4:28 PM
interested in relay infrastructure and firehose protocol details?
we have an update for you about our new relay implementation, and progress on rolling out Sync v1.1
we have an update for you about our new relay implementation, and progress on rolling out Sync v1.1
Reposted by AT Protocol Developers
This is an article that I've wanted to write for over a year, and I finally got the chance to do it!
Atproto Ethos is a deep dive into how we think about protocol design - its influences, the core innovations, and the opinionated takes that we've adopted
Atproto Ethos is a deep dive into how we think about protocol design - its influences, the core innovations, and the opinionated takes that we've adopted
Atproto Ethos - AT Protocol
A deep dive into the philosophical and aesthetic principles underlying the design of AT Protocol.
atproto.com
April 4, 2025 at 7:21 PM
This is an article that I've wanted to write for over a year, and I finally got the chance to do it!
Atproto Ethos is a deep dive into how we think about protocol design - its influences, the core innovations, and the opinionated takes that we've adopted
Atproto Ethos is a deep dive into how we think about protocol design - its influences, the core innovations, and the opinionated takes that we've adopted
Reposted by AT Protocol Developers
Jay Graber @jay.bsky.team, CEO of Bluesky, gave a few remarks before lunch on Saturday.
"The AT Protocol here is what is fundamentally different, and because you're here today, you're different."
#ATmosphereConf
"The AT Protocol here is what is fundamentally different, and because you're here today, you're different."
#ATmosphereConf
Jay Graber Remarks, ATmosphere Seattle 2025
YouTube video by AT Protocol Development
youtu.be
March 25, 2025 at 2:55 PM
Jay Graber @jay.bsky.team, CEO of Bluesky, gave a few remarks before lunch on Saturday.
"The AT Protocol here is what is fundamentally different, and because you're here today, you're different."
#ATmosphereConf
"The AT Protocol here is what is fundamentally different, and because you're here today, you're different."
#ATmosphereConf
Reposted by AT Protocol Developers
Hey devs, this is an exciting one!
Just put up an early proposal for OAuth scopes in the atproto network. Eager to hear thoughts
github.com/bluesky-soci...
Just put up an early proposal for OAuth scopes in the atproto network. Eager to hear thoughts
github.com/bluesky-soci...
Proposal: OAuth Scopes · bluesky-social atproto · Discussion #3655
We’re continuing work on rolling OAuth out to the atproto network. Just recently, the Bluesky PDS distribution gained the ability for any network application to create an account on it (#3621). Thi...
github.com
March 20, 2025 at 5:55 PM
Hey devs, this is an exciting one!
Just put up an early proposal for OAuth scopes in the atproto network. Eager to hear thoughts
github.com/bluesky-soci...
Just put up an early proposal for OAuth scopes in the atproto network. Eager to hear thoughts
github.com/bluesky-soci...
Reposted by AT Protocol Developers
Seemed like a good moment to launch 3 minute videos! (Pressed the button from the audience!)
March 10, 2025 at 6:29 PM
Seemed like a good moment to launch 3 minute videos! (Pressed the button from the audience!)