Copyright © 2025 World Wide Web Consortium. W3C® liability, trademark and permissive document license rules apply.
[@@ from charter]
The Linked Web Storage Protocol specification aims to provide applications with secure and permissioned access to externally stored data in an interoperable way.
The Linked Web Storage Protocol does/does not include protocol details for integration with identity layers and mechanisms; access management and data integrity; notifications about resource changes; and authorization mechanisms.
This document is merely a W3C-internal document. It has no official standing of any kind and does not represent consensus of the W3C Membership.
This is an unofficial proposal.
This section is non-normative.
List of TODOs and ideas in flux to enable editors to communicate asynchronously.
This section is non-normative.
The LWS Protocol defines standard interactions by which a some party can make some resources available to some agents.
A resource manager may keep a served resource private, may make it publicly available to anyone, or may limited its visibility to a constrained set of requesting agents.
As well as sections marked as non-normative, all authoring guidelines, diagrams, examples, and notes in this specification are non-normative. Everything else in this specification is normative.
The key words MAY, MUST, MUST NOT, OPTIONAL, RECOMMENDED, REQUIRED, and SHOULD in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.
A LWS REST Server is an HTTP server [rfc9112] that complies with all of the relevant "MUST" statements in this specification. Specifically, the relevant normative "MUST" statements in Sections 999 REST Binding of this document MUST be respected.
A LWS REST Client is an HTTP client [rfc9112] that complies with all of the relevant "MUST" statements in this specification. Specifically, the relevant normative "MUST" statements in Sections 999 REST Binding of this document MUST be respected.
The terms "authorization server" and "client" are defined by the OAuth 2.0 Authorization Framework [RFC6749].
The terms "end-user" and "issuer" are defined by OpenID Connect Core 1.0 [OPENID-CONNECT-CORE].
This specificaiton defines the following terms:
This specification defines operations on served resources, the resulting change of state, and a response indended to give the requesting agent requested infomation or inform them of the outcome of the operation. An operation is any of the following actions that can be performed on a served resource:
The folowing section will describe the semantics and responses of these operations but the following core responses apply to any operation:
This section defines a mechanism for identifying agents and end users that interact with a linked web storage server. This specification does not mandate a particular format for end-user credentials, though it does describe how existing identity systems can be used in conjunction with the linked web storage authorization framework.
The data model described in this section outlines the requirements for any concrete serialization of an end-user credential.
An end-user credential MUST include tamper evident claims about a subject, including:
Validation of an end-user credential requires a trust relationship between the verifier and issuer of the credential. This trust relationship MAY be established through an out-of-band mechanism. Any additional mechanisms for establishing trust between a verifier and an issuer are outlined in specific authentication suites.
An end-user credential MUST be signed. It is RECOMMENDED that the signature uses asymmetric cryptography.
Each authentication suite MUST be associated with a token type URI. An authentication suite SHOULD use a URI defined in the IANA "OAuth URI" registry.
A storage description resource provides information a client can use when when interacting with a storage, including descriptions of capabilities and service endpoints.
id property is REQUIRED. Its value MUST be a URI that identifies the storage.
type property is REQUIRED. Its value MUST be a string that equals
Storage or a set of strings that contains an item equal to Storage.
capability property is OPTIONAL. Its value MUST be a set of
capabilities, where each capability is described by a map containing the following properties.
Additional properties MAY be present.
id property is OPTIONAL. If present, its value MUST be a URI.type property is REQUIRED. Its value MUST be a string or a set of strings.service property is OPTIONAL. Its value MUST be a set of services,
where each service is described by a map containing the following properties. Additional properties MAY be present.
id property is OPTIONAL. If present, its value MUST be a URI.type property is REQUIRED. Its value MUST be a string or a set of strings.serviceEndpoint property is REQUIRED. Its value MUST be a URI.{
"@context": "https://www.w3.org/ns/lws/v1",
"id": "https://storage.example/root/",
"type": "Storage",
"service": [{
"type": "StorageDescription",
"serviceEndpoint": "https://storage.example/root/description"
}]
}
All responses to GET and HEAD requests targeting storage resources MUST include a
Link header whose target is the URI of the storage description resource, including a relation
(rel) parameter whose value equals https://www.w3.org/ns/lws#storageDescription.
When dereferenced, the storage description MUST contain an id property that identifies the
storage. In addition, the storage property MUST contain a service description whose type equals
StorageDescription and whose serviceEndpoint equals the URL of the
storage description.
A storage description may contain descriptions of additional capabilities supported by the storage.
In addition to a StorageDescription service, a storage description resource may contain links
to other services connected to a storage. The API definition of these services are outside the scope of
this specification.
A storage description resource MUST be serializable with the media type application/lws+json.
Other representations MAY be available via content negotiation.
{
"@context": "https://w3.org/ns/lws/v1.jsonld",
"id": "https://storage.example/root/",
"type": "Storage",
"capability": [{
"type": "https://feature.example/PatchSupport",
"mediaType": {
"text/turtle": ["application/sparql-update"],
"application/n-triples": ["application/sparql-update"],
"application/linkset+json": ["application/merge-patch+json", "application/json-patch+json"]
}
}, {
"type": "https://feature.example/ResumableUploads"
}, {
"type": "https://feature.example/ContentNegotiation",
"source": "application/ld+json",
"target": ["text/turtle", "application/n-triples"]
}, {
"type": "https://feature.example/ContentNegotiation",
"source": "image/jpeg",
"target": ["image/png"]
],
"service": [{
"type": "NotificationService",
"serviceEndpoint": "https://storage.example/notification/api"
}, {
"type": "TypeIndexService",
"serviceEndpoint": "https://storage.example/types/api"
}, {
"type": "DataSharingService",
"serviceEndpoint": "https://storage.example/sharing/api"
}]
}In addition to the core responses, a create operation may produce any of:
The read resource operation requests a resource representation. Draw from Solid Protocol - Reading Resources.
The update resource modifies the contents of a served resource. Draw from Solid Protocol - Reading Resources.
Define the data model for logical resource organization within LWS, including how containers are structured, hierarchical relationships between resources, container semantics, containment rules, and the mechanisms for organizing and navigating collections of related resources. This should cover container creation, membership management, and the relationship between containers and the resources they contain.
This strawman mapping of the operations and responses defined above allows LWS REST Servers and LWS REST Clients to communicate over HTTP using REST conventions.
The following table maps LWS response to an HTTP status code and payload:
| LWS response | HTTP status code | HTTP payload |
|---|---|---|
| success | 200 | resource representation |
| not permitted | ... | |
| unknown requester | ... | |
| unknown error | ... | |
| created | 201 |
Define how resources are identified and addressed within the LWS Protocol, including URI schemes, resource naming conventions, and resolution mechanisms. This section may be moved within another section; e.g. Resource Access
this left intentionally blank
The features described in this section are being drafted to ground discussions and may be removed if there is:
this left intentionally blank
Define mechanisms for content negotiation based on profiles, allowing clients to request specific representations or views of resources (e.g., JSON-LD contexts, different RDF serializations, or application-specific profiles).
this left intentionally blank
Define notification mechanisms that allow clients to be informed of changes to resources, including subscription models, event formats, and delivery mechanisms.
this left intentionally blank
Define inbox resources with specific semantics within LWS, including message posting, retrieval, and management capabilities for asynchronous communication patterns.
this left intentionally blank
Describe considerations for ensuring LWS implementations can work across different platforms, environments, and storage backends while maintaining interoperability - and provide affordances to enable change in storage providers
this left intentionally blank
Formal security considerations section covering threat models, security requirements, and implementation guidance for secure LWS deployments.
All communications related to requesting, retrieving and presenting end-user credentials between clients and servers must use TLS-protected connections.
End-user credentials are vulnerable to theft and replay. Tokens should have a reasonably short lifetime, such as 3600 seconds (1 hour).
Clients that persist end-user credentials must take great care to store these tokens securely. Tokens should never be stored unencrypted in a browser's localStorage, in URLs or in logs.
Privacy implications of the LWS Protocol, including data minimization, user consent, and privacy-preserving implementation patterns.
End-user credentials carry information about users. While digital signatures can protect end-user credentials against tampering, it is possible for clients or other third parties to read the values inside an unencrypted credential.
As a result, issuers should create end-user credentials that contain only the information necessary for authentication. Avoid including sensitive attributes unless required.
Implementations should not log the full contents of an end-user credential. If logging is necessary, tokens should be truncated or hashed.
This section is non-normative.
This specification adds the following value to the "Well-Known URIs" registry [IANA.well-known] established by RFC 5785 [RFC5785].
This specification registers the application/lws+json media type for identifying documents conforming to the
linked web storage document format.
application/lws+json media type are required to conform to
all of the requirements for the application/json media type and are therefore subject to the same encoding
considerations specified in Section 11 of [RFC8259].
Referenced in: