Well-known URI
A well-known URI is a Uniform Resource Identifier for URL path prefixes that start with /.well-known/
. They are implemented in webservers so that requests to the servers for well-known services or information are available at URLs consistent well-known locations across servers.
Description
Well-known URIs are Uniform Resource Identifiers defined by the IETF in RFC 8615.[ 1] They are URL path prefixes that start with /.well-known/
. This implementation is in response to the common expectation for web-based protocols to require certain services or information be available at URLs consistent across servers, regardless of the way URL paths are organized on a particular host. The URIs are implemented in webservers so that requests to the servers for well-known services or information are available at URLs consistently in well-known locations across servers.
The IETF has defined a simple way for web servers to hold metadata that any user agent (e.g., web browser ) can request. The metadata is useful for various tasks, including directing a web user to use a mobile app instead of the website or indicating the different ways that the site can be secured. The well-known locations are used by web servers to share metadata with user agents; sometimes these are files and sometimes these are requests for information from the web server software itself. The way to declare the different metadata requests that can be provided is standardized by the IETF so that other developers know how to find and use this information.
Use
The path well-known URI begins with the characters /.well-known/
, and whose scheme is "HTTP", "HTTPS", or another scheme that has explicitly been specified to use well-known URIs. As an example, if an application hosts the service "example", the corresponding well-known URIs on https://www.example.com/
would start with https://www.example.com/.well-known/example
.[ 1]
Information shared by a web site as a well-known service is expected to meet a specific standard. Specifications that need to define a resource for such site-wide metadata can register their use with Internet Assigned Numbers Authority (IANA) to avoid collisions and minimize impingement upon sites' URI space.
List of well-known URIs
The list below describes known standards for .well-known services that a web server can implement.
URI suffix
Description
Reference
Date of IANA registration
acme-challenge
Automated Certificate Management Environment (ACME)
[ 2]
2019-03-01
ai-plugin.json
Manifest for a ChatGPT plugin.
[ 3]
apple-app-site-association
An Apple service that enables secure data exchange between iOS and a website.
[ 4]
apple-developer-merchantid-domain-association
Apple Pay
[ 5]
ashrae
BACnet - A Data Communication Protocol for Building Automation and Control Networks
[ 6]
2016-01-22
assetlinks.json
AssetLinks protocol used to identify one or more digital assets (such as web sites or mobile apps) that are related to the hosting web site in some fashion.
[ 7]
2015-09-28
atproto-did
Handle-to-DID resolution for AT Protocol
[ 8]
autoconfig/mail
Mozilla Thunderbird mail autoconfiguration service
[ 9]
browserid
Mozilla Persona
caldav
Locating Services for Calendaring Extensions to WebDAV (CalDAV ) and vCard Extensions to WebDAV (CardDAV )
[ 10]
carddav
Locating Services for Calendaring Extensions to WebDAV (CalDAV ) and vCard Extensions to WebDAV (CardDAV )
[ 10]
change-password
Helps password managers find the URL for the change password section.
[ 11]
coap
CoAP (Constrained Application Protocol) over TCP, TLS, and WebSockets
[ 12]
2017-12-22
com.apple.remotemanagement
Apple account-based user enrollment for Mobile device management
[ 13] [ 14]
core
Constrained RESTful Environments (CoRE ) Link Format
[ 15]
csvm
CSV metadata, Model for Tabular Data and Metadata on the Web
[ 16]
2015-09-28
dat
Links domain to Dat identifier, used by Beaker web browser .[ 17]
[ 18]
did.json
did:web Decentralized Identifiers (DIDs) for the Web
discord
Domain verification for Discord account connection
[ 19]
dnt
Site-wide tracking status resource
[ 20]
2015-08-19
dnt-policy.txt
A privacy-friendly Do Not Track (DNT) Policy
[ 21]
2015-08-19
est
Enrollment over Secure Transport (EST)
[ 22]
2013-08-16
genid
The Resource Description Framework (RDF) Skolem IRIs
[ 23]
2012-11-15
gpc
Global Privacy Control (GPC)
[ 24]
hoba
HTTP Origin-Bound Authentication (HOBA )
[ 25]
2015-01-20
host-meta
Web Host Metadata
[ 26]
host-meta.json
Web Host Metadata
[ 26]
http-opportunistic
Opportunistic Security for HTTP/2
[ 27]
2017-03-20
keybase.txt
Used by the Keybase project to identify a proof that one or more people whose public keys may be retrieved using the Keybase service have administrative control over the origin server from which it is retrieved.
[ 28]
2014-04-08
matrix
Provides discovery for both client and server APIs to the Matrix federated protocol.
[ 29]
mercure
Discovery of Mercure hubs. Mercure is a protocol enabling the pushing of data updates to web browsers and other HTTP clients in a fast, reliable and battery-efficient way.
[ 30]
mta-sts.txt
SMTP MTA Strict Transport Security Policy
[ 31]
2018-06-21
ni
Naming Things with Hashes
[ 32]
nodeinfo
Metadata for federated social networking servers
[ 33]
nostr.json
Discovery of Nostr public keys and related relays, according to NIP-05
[ 34]
2024-03-18
oauth-authorization-server
OAuth Authorization Server Metadata
[ 35]
2018-03-27
openid-configuration
OpenID Connect
[ 36]
2013-08-27
openorg
Organisation Profile Document
[ 37]
2015-05-29
openpgpkey
OpenPGP Web Key Service
[ 38]
pki-validation
CA/Browser Forum’s Baseline Requirements Certificate Policy for the Issuance and Management of Publicly-Trusted Certificates
[ 39]
2017-02-06
posh
PKIX over Secure HTTP (POSH)
[ 40]
2015-09-20
privacy-sandbox-attestations.json
The Google Chrome Privacy Sandbox attestation file
[ 41]
pubvendors.json
The IAB pubvendors.json tech spec, which provide a standard for publishers to publicly declare the vendors that they work with, and their respective data rights/configuration.
[ 42]
2020-09-07
reload-config
REsource LOcation And Discovery (RELOAD ) Base Protocol
[ 43]
repute-template
A Reputation Query Protocol
[ 44]
2013-09-30
resourcesync
ResourceSync Framework Specification
[ 45]
2017-05-26
security.txt
Standard to help organizations define the process for security researchers to disclose security vulnerabilities
[ 46]
2018-08-20
statements.txt
Standard for collective contract signing
[ 47]
stun-key
Session Traversal Utilities for NAT (STUN ) Extension for Third-Party Authorization
[ 48]
2015-06-12
tdmrep.json
Domain-wide TDM (Text and Data Mining) reservation
[ 49]
time
Time over HTTPS specification
[ 50]
2015-12-09
timezone
Time Zone Data Distribution Service
[ 51]
2015-08-03
uma2-configuration
User-Managed Access (UMA) 2.0 grant for OAuth 2.0 authorization
[ 52]
2017-06-20
vercel/flags
Overridable Feature Flag's for Vercel 's Toolbar
[ 53]
void
Describing Linked Datasets with the VoID Vocabulary
[ 54]
2011-05-11
webfinger
WebFinger
[ 55]
2013-03-15, 2013-09-06
xrp-ledger.toml
XRP ledger node & account information.
[ 56]
References
^ a b Nottingham, Mark (May 6, 2019). Well-Known Uniform Resource Identifiers (URIs) . IETF . doi :10.17487/RFC8615 . RFC 8615 .
^ Barnes, Richard; Hoffman-Andrews, Jacob; McCarney, Daniel; Kasten, James (March 6, 2019). Automatic Certificate Management Environment (ACME) . IETF . doi :10.17487/RFC8555 . RFC 8555 .
^ "Getting Started - OpenAI API" . platform.openai.com . Archived from the original on 2023-03-25. Retrieved 2023-03-25 .
^ "App Search Programming Guide: Support Universal Links" . developer.apple.com . Archived from the original on 2016-03-31. Retrieved 2016-08-13 .
^ "Apple Developer Documentation" . developer.apple.com . Archived from the original on 2016-09-20. Retrieved 2016-08-13 .
^ "Proposed Addendum am to Standard 135-2012, BACnet - A Data Communication Protocol for Building Automation and Control Networks" (PDF) . Archived from the original (PDF) on 2018-05-08. Retrieved 2018-02-07 .
^ "Getting Started | Google Digital Asset Links" . Google Developers . Archived from the original on 2016-11-05. Retrieved 2016-08-13 .
^ "Handle | AT Protocol" . atproto.com . Archived from the original on 2024-02-16. Retrieved 2024-02-16 .
^ "Thunderbird:Autoconfiguration - MozillaWiki" . Archived from the original on 2021-07-30. Retrieved 2021-07-30 .
^ a b Daboo, Cyrus (February 6, 2013). Locating Services for Calendaring Extensions to WebDAV (CalDAV) and vCard Extensions to WebDAV (CardDAV) . IETF . doi :10.17487/RFC6764 . RFC 6764 .
^ "A Well-Known URL for Changing Passwords" . w3c.github.io . Archived from the original on April 21, 2022. Retrieved February 6, 2022 .
^ Bormann, Carsten; Lemay, Simon; Tschofenig, Hannes; Hartke, Klaus; Silverajan, Bill; Raymor, Brian (February 6, 2018). CoAP (Constrained Application Protocol) over TCP, TLS, and WebSockets . IETF . doi :10.17487/RFC8323 . RFC 8323 .
^ "How users enroll their personal devices" . support.apple.com . Archived from the original on 2024-08-15. Retrieved 2022-04-23 .
^ "Discover Authentication Servers" . developer.apple.com . Archived from the original on 2024-08-15. Retrieved 2022-04-23 .
^ Shelby, Zach (August 6, 2012). Constrained RESTful Environments (CoRE) Link Format . IETF . doi :10.17487/RFC6690 . RFC 6690 .
^ "Model for Tabular Data and Metadata on the Web" . www.w3.org . 17 December 2015. Archived from the original on 2024-08-15. Retrieved 2021-10-06 .
^ "Use a domain name with dat://" . beakerbrowser.com . Archived from the original on 2020-01-14. Retrieved 2020-08-24 .
^ "DEP-0005: DNS - Dat Protocol" . www.datprotocol.com .
^ "advaith (@[email protected] )" . Mastodon . 2023-07-17. Archived from the original on 2024-08-15. Retrieved 2023-08-29 .
^ "Tracking Preference Expression (DNT)" . www.w3.org . Archived from the original on 2024-08-15. Retrieved 2021-10-06 .
^ "A privacy-friendly Do Not Track (DNT) Policy" . Electronic Frontier Foundation . April 24, 2014. Archived from the original on May 11, 2021. Retrieved February 7, 2018 .
^ Pritikin, Max; Yee, Peter E.; Harkins, Dan (October 6, 2013). Enrollment over Secure Transport . IETF . doi :10.17487/RFC7030 . RFC 7030 .
^ "RDF 1.1 Concepts and Abstract Syntax" . www.w3.org . Archived from the original on 2024-08-15. Retrieved 2021-10-06 .
^ "Global Privacy Control (GPC)" . Global Privacy Control (GPC) - Proposal 22 March 2024 . Archived from the original on 2024-06-13. Retrieved 2024-06-13 .
^ Farrell, Stephen; Hoffman, Paul E.; Thomas, Michael (March 6, 2015). "Other Parts of the HOBA Process" . HTTP Origin-Bound Authentication (HOBA) . IETF . sec. 6. doi :10.17487/RFC7486 . RFC 7486 .
^ a b Cook, Blaine; Hammer-Lahav, Eran (October 6, 2011). Hammer-Lahav, E (ed.). Web Host Metadata . IETF . doi :10.17487/RFC6415 . RFC 6415 .
^ Nottingham, Mark; Thomson, Martin (May 6, 2017). "The "http-opportunistic" Well-Known URI" . Opportunistic Security for HTTP/2 . IETF . sec. 2.3. doi :10.17487/RFC8164 . RFC 8164 .
^ "The "keybase.txt" Well-Known Resource Identifier" . keybase.io . Archived from the original on 2024-08-15. Retrieved 2018-02-07 .
^ "Client-Server API" . Archived from the original on 2024-08-15. Retrieved 2020-06-17 .
^ "Mercure.rocks: Mercure: The Specification" . mercure.rocks . Archived from the original on 2020-09-24. Retrieved 2019-11-21 .
^ Margolis, Daniel; Risher, Mark; Ramakrishnan, Binu; Brotman, Alex; Jones, Janet (September 6, 2018). "MTA-STS Policies" . SMTP MTA Strict Transport Security (MTA-STS) . IETF . sec. 3.2. doi :10.17487/RFC8461 . RFC 8461 .
^ Farrell, Stephen; Kutscher, Dirk; Dannewitz, Christian; Ohlman, Börje; Keränen, Ari; Hallam-Baker, Phillip (April 6, 2013). Naming Things with Hashes . IETF . doi :10.17487/RFC6920 . RFC 6920 .
^ "NodeInfo" . July 19, 2021. Archived from the original on May 18, 2019. Retrieved February 7, 2019 – via GitHub.
^ "NIP-05: Mapping Nostr keys to DNS-based internet identifiers" . github.com .
^ Jones, Michael B.; Sakimura, Nat; Bradley, John (June 28, 2018). OAuth 2.0 Authorization Server Metadata . IETF . doi :10.17487/RFC8414 . RFC 8414 .
^ "Final: OpenID Connect Discovery 1.0 incorporating errata set 1" . openid.net . Archived from the original on 2021-10-28. Retrieved 2021-10-06 .
^ "Organisation Profile Documents" . opd.data.ac.uk .
^ Koch, Werner. OpenPGP Web Key Directory . IETF . I-D draft-koch-openpgp-webkey-service-07.
^ "Baseline Requirements Certificate Policy for the Issuance and Management of Publicly-Trusted Certificates" (PDF) . Archived (PDF) from the original on 2018-09-10. Retrieved 2018-02-07 .
^ Miller, Matthew A.; Saint-Andre, Peter (November 6, 2015). PKIX over Secure HTTP (POSH) . IETF . doi :10.17487/RFC7711 . RFC 7711 .
^ "Enroll for the Privacy Sandbox" . Google for Developers . Retrieved 2024-10-17 .
^ "web" .[dead link ]
^ Jennings, Cullen; Lowekamp, Bruce; Rescorla, Eric; Baset, Salman; Schulzrinne, Henning (January 6, 2014). Lowekamp, B (ed.). REsource LOcation And Discovery (RELOAD) Base Protocol . IETF . doi :10.17487/RFC6940 . RFC 6940 .
^ Borenstein, Nathaniel S. ; Kucherawy, Murray (November 6, 2013). A Reputation Query Protocol . IETF . doi :10.17487/RFC7072 . RFC 7072 .
^ "ANSI/NISO Z39.99-2017" .
^ "security.txt" . security.txt .
^ "The "statements.txt" Well-Known Resource Identifier" . stated.ai .
^ Reddy.K, Tirumaleswar; Patil, Prashanth; R, Ram; Uberti, Justin (August 6, 2015). Session Traversal Utilities for NAT (STUN) Extension for Third-Party Authorization . IETF . doi :10.17487/RFC7635 . RFC 7635 .
^ "TDM Reservation Protocol (TDMRep) ; Final Community Group Report" . Text and Data Mining Reservation Protocol Community Group. 2022. Retrieved 2023-06-01 .
^ "20151129 Time over HTTPS specification — PHKs Bikeshed" . phk.freebsd.dk . Archived from the original on 2019-05-31. Retrieved 2018-02-07 .
^ Douglass, Michael; Daboo, Cyrus (March 6, 2016). Time Zone Data Distribution Service . IETF . doi :10.17487/RFC7808 . RFC 7808 .
^ Maler, E.; Machulak, M.; Richer, J. (January 7, 2018). "User-Managed Access (UMA) 2.0 Grant for OAuth 2.0 Authorization" . docs.kantarainitiative.org .
^ "Toolbar Flags Reference" . vercel.com . Archived from the original on 2024-09-09. Retrieved 2024-09-09 .
^ "Describing Linked Datasets with the VoID Vocabulary" . www.w3.org . Archived from the original on 2021-10-22. Retrieved 2021-10-06 .
^ Jones, Paul; Salgueiro, Gonzalo; Jones, Michael; Smarr, Joseph (September 6, 2013). WebFinger . IETF . doi :10.17487/RFC7033 . RFC 7033 .
^ "xrp-ledger.toml File | XRPL.org" . xrpl.org .