ActivityPub

ActivityPub is an open, decentralized social networking protocol standardized by the World Wide Web Consortium (W3C). It allows independent servers, or instances, to communicate with each other, enabling users on different platforms to interact seamlessly. This creates a federated network, often called the Fediverse, where services like Mastodon, PeerTube, and Pixelfed can share content and follow users across server boundaries. The protocol defines a client-to-server API for user interactions and a server-to-server API (often called the Federation Protocol) for inter-instance communication using the ActivityStreams 2.0 data format.

At its core, ActivityPub models social interactions as Activities—such as Create, Like, Follow, and Announce (boost/repost)—performed by Actors (users, groups, applications). These activities are serialized as JSON-LD and exchanged between servers over HTTP. This design allows for a pub/sub (publish-subscribe) model: when a user posts a message, their server delivers Create activities to the inboxes of followers, which may be on remote servers. This decentralized delivery mechanism is the foundation of federation, eliminating the need for a central controlling entity.

A key architectural principle of ActivityPub is actor-centric addressing. Every user and resource has a globally unique identifier, typically a URL (e.g., @user@instance.social). This WebFinger identifier allows servers to discover a user's profile and endpoints. The protocol emphasizes privacy and access control, allowing servers to enforce permissions and authenticate requests using HTTP signatures. Unlike monolithic platforms, this federation model gives instance administrators control over their own community rules, data policies, and moderation tools, while still participating in the broader network.

The practical impact of ActivityPub is the creation of an interoperable social web. For example, a user on a Mastodon instance can follow a channel from a PeerTube video platform or an artist on a Pixelfed photo-sharing instance. All interactions—likes, comments, shares—flow between these disparate applications. This challenges the walled garden model of traditional social media by preventing platform lock-in and promoting user choice, data ownership, and resilience against single points of failure or censorship.

For developers, implementing ActivityPub involves supporting the standardized ActivityStreams vocabulary and the two primary APIs. The Client-to-Server API handles user authentication, posting, and inbox management, similar to a traditional social media app. The Server-to-Server (Federation) API handles the POSTing of activities to remote inboxes and GETing from remote outboxes. This separation allows for diverse client applications while ensuring reliable federation between server software, fostering a rich ecosystem of compatible services.

ActivityPub is a decentralized social networking protocol that enables servers, called ActivityPub servers, to communicate and share social activities—such as posts, likes, and follows—using a standardized data format and client-server API. It is the foundational protocol for the Fediverse, a network of interconnected but independent social platforms like Mastodon, PeerTube, and Pixelfed. The protocol is defined by the World Wide Web Consortium (W3C) as a Recommendation, ensuring it is an open, vendor-neutral standard for building interoperable social applications.

The protocol operates on two primary layers: the Client-to-Server (C2S) API and the Server-to-Server (S2S) API. The C2S API allows a user's client application (e.g., a Mastodon web app) to interact with their home server to create, update, and delete content. The S2S API, also known as the Federation Protocol, is how servers discover and communicate with each other to deliver activities across the network. This dual-API structure separates local user management from cross-instance federation, providing both flexibility and scalability.

At its core, ActivityPub uses ActivityStreams 2.0 as its data format, representing all interactions as JSON-LD objects with specific types like Note, Create, Like, and Follow. When a user on one server (e.g., mastodon.social) follows a user on another server (e.g., pixelfed.instance), their server sends a Follow Activity to the target user's inbox. The receiving server authenticates the request and, if accepted, adds the follower and begins delivering the target user's future posts to the follower's inbox, establishing a federated connection.

Delivery and Inboxes are central to the protocol's operation. Each actor (a user, group, or application) has an inbox and an outbox. The inbox receives all activities destined for the actor, while the outbox contains activities the actor has produced. Servers use HTTP POST requests with signed JSON payloads to deliver activities to remote inboxes. For discovery and identity, servers expose a WebFinger endpoint and an actor object at a predictable URL, allowing other servers to look up and retrieve public key information for secure, authenticated delivery.

A key feature of ActivityPub is its support for decentralized moderation and access control. Server administrators can implement instance-level blocks to prevent all communication with another server, while users can block or mute other individual accounts. Content can be addressed to specific audiences using the to, cc, bto, and bcc fields, enabling both public posts and private direct messages. This architecture allows for a diverse ecosystem where communities can set their own rules while still participating in a global network.

The term ActivityPub is a portmanteau of Activity Streams, a prior format for representing social activities, and Pub for Publish-Subscribe, indicating its core mechanism. The protocol was formally standardized by the World Wide Web Consortium (W3C) in January 2018 as a successor to the OStatus protocol, which powered early federated networks like GNU Social. Its design is deeply rooted in Linked Data principles and the Activity Vocabulary, aiming to create an interoperable social web where different servers (instances) can communicate.

The historical impetus for ActivityPub came from the limitations of walled garden social media platforms and the desire for user-controlled, decentralized alternatives. Prior federated protocols were often brittle and lacked a unified standard. ActivityPub's development within the W3C's Social Web Working Group provided a rigorous, vendor-neutral specification. Its architecture is heavily influenced by the ActivityStreams 2.0 data format, which provides a JSON-LD vocabulary for describing social interactions like Create, Follow, and Like, ensuring a common semantic understanding across implementations.

A pivotal moment in ActivityPub's adoption was its integration into the Mastodon microblogging platform starting in 2017, which demonstrated the protocol's viability at scale. This created the Fediverse (federated universe), a network of interconnected but independent servers. The protocol's history is marked by its pragmatic design, prioritizing practical federation over theoretical perfection, which led to rapid adoption by diverse platforms including PeerTube (video), Pixelfed (images), and Lemmy (link aggregation), each extending the core ActivityPub vocabulary for their specific needs.

The evolution of ActivityPub continues as the W3C's SocialCG (Social Web Community Group) maintains the specification. Key historical challenges have included scaling federation, mitigating abuse across servers, and refining the semantics of interactions. Its success lies in providing a foundational API layer that separates the social graph from the application, enabling innovation while preserving interoperability—a direct response to the centralized history of the early 21st-century social web.