The invited-guest user

Here is something that happens on the web every day: you get a link, you click it, and you have to create a user or login.

Why is that?

“Because sites need to know who you are” you are thinking to yourself.

Links are pretty smart at this point, though. They are unique, even when short. When an app sends a link — on behalf of your friend who shared it or just on behalf of itself — it knows the intent.

The link-intent is: hey dude, come check out this thing I am looking at right here. Where the recipient is dude, the permission is look at it, and the object is what I see right now.

Instead what happens now is: click the link and the site says “who are you? auth yourself!” At this stage it frequently happens that the link intent is gone. You auth/signup and then it doesn’t redirect to the originally intended page (usually a mistake). Other times you do link through. Great. They got a new user registered.

But how about another model? You click the link and you see what the sender intended. The site doesn’t know for sure it is YOU, just that you have the link. So it shows you the page, and if you try to do something it shows a username box like “Choose username”. And if you fill that out it asks you if you want to create a password. Or not. Like a link.

Maybe you come back later –> it reads your cookie and it remembers you saw some stuff, maybe you made a username but didn’t password it.

So you try to do something new this time — like add a comment or edit one. Well you will need a password at this stage so… here you go.

What is happening? The app has an invited-user concept now. It only knows “this guy is invited” and can see x.

You end up with plain old visitors, invited-users, (maybe also name-only-users), full users. Four.

The world needs this. Make it.