@@ -14,6 +14,7 @@ "alin.ovh/homestead/domain/analytics/goatcounter"
 	"alin.ovh/homestead/domain/analytics/nullcounter"
 	"alin.ovh/homestead/domain/calendar"
 	"alin.ovh/homestead/domain/content/fetcher"
+	"alin.ovh/homestead/domain/identity"
 	"alin.ovh/homestead/domain/web/server"
 	"alin.ovh/homestead/domain/web/templates"
 	"alin.ovh/homestead/shared/config"
@@ -26,7 +27,6 @@ "alin.ovh/x/log"
 	"github.com/Southclaws/fault"
 	"github.com/Southclaws/fault/fmsg"
 
-	"github.com/benpate/digit"
 	"github.com/crewjam/csp"
 	"github.com/osdevisnot/sorvor/pkg/livereload"
 )
@@ -51,8 +51,7 @@ counter      stats.Counter
 	log          *log.Logger
 	reader       storage.Reader
 	calendar     *calendar.Calendar
-	me           digit.Resource
-	acctResource string
+	identity     *identity.Service
 	CSP          *csp.Header
 	*server.App
 }
@@ -200,17 +199,13 @@ }()
 
 	<-firstUpdate
 
-	website.acctResource = "acct:" + cfg.OIDCEmail
-	website.me = digit.NewResource(website.acctResource).
-		Link("http://openid.net/specs/connect/1.0/issuer", "", cfg.OIDCHost.String())
+	website.identity = identity.New(cfg, log.Named("identity"))
 
 	mux := ihttp.NewServeMux()
 	mux.HandleError(website.ErrorHandler)
 	mux.Handle("/", website)
 	mux.HandleFunc("/calendar", website.Calendar)
-	mux.HandleFunc("/.well-known/webfinger", website.webfinger)
-	const oidcPath = "/.well-known/openid-configuration"
-	mux.ServeMux.Handle(oidcPath, ihttp.RedirectHandler(cfg.OIDCHost.JoinPath(oidcPath), 302))
+	website.identity.RegisterHandlers(mux)
 
 	if opts.Development {
 		staticHandler := func(w http.ResponseWriter, r *http.Request) *ihttp.Error {