List of /.well-known/ services offered by webservers

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

It is increasingly common for Web-based protocols to require the discovery of policy or other information about a host ("site-wide metadata") before making a request. RFC5785 defines a path prefix in HTTP(S) URIs for these "well-known locations", "/.well-known/".

Specifications that need to define a resource for such site-wide metadata can register their use with Internet Assigned Numbers Authority (IANA) to avoid collisions and minimize impingement upon sites' URI space.

A well-known URI is a URI RFC3986 whose path component begins with the characters "/.well-known/", and whose scheme is "HTTP", "HTTPS", or another scheme that has explicitly been specified to use well-known URIs.

For example, if an application registers the name 'example', the corresponding well-known URI on '' would be

Well-known URIs[edit]

URI suffix Description Reference Date of IANA registration
acme-challenge Automated Certificate Management Environment (ACME) RFC8555 2019-03-01
ashrae BACnet - A Data Communication Protocol for Building Automation and Control Networks PDF 2016-01-22
assetlinks.json AssetLinks protocol used to identify one or more digital assets (such as web sites or mobile apps) that are related to the hosting web site in some fashion. Google 2015-09-28
caldav Locating Services for Calendaring Extensions to WebDAV (CalDAV) and vCard Extensions to WebDAV (CardDAV) RFC6764
carddav Locating Services for Calendaring Extensions to WebDAV (CalDAV) and vCard Extensions to WebDAV (CardDAV) RFC6764
coap CoAP (Constrained Application Protocol) over TCP, TLS, and WebSockets RFC8323 2017-12-22
core Constrained RESTful Environments (CoRE) Link Format RFC6690
csvm CSV metadata, Model for Tabular Data and Metadata on the Web W3C 2015-09-28
dnt Site-wide tracking status resource W3C 2015-08-19
dnt-policy.txt A privacy-friendly Do Not Track (DNT) Policy EFF 2015-08-19
est Enrollment over Secure Transport (EST) RFC7030 2013-08-16
genid The Resource Description Framework (RDF) Skolem IRIs RDF 1.1 2012-11-15
hoba HTTP Origin-Bound Authentication (HOBA) RFC7486, Section 6 2015-01-20
host-meta Web Host Metadata RFC6415
host-meta.json Web Host Metadata RFC6415
http-opportunistic Opportunistic Security for HTTP/2 RFC8164, Section 2.3 2017-03-20
keybase.txt Used by the Keybase project to identify a proof that one or more people whose public keys may be retrieved using the Keybase service have administrative control over the origin server from which it is retrieved. 2014-04-08
mercure Discovery of mercure hubs. Mercure is a protocol enabling the pushing of data updates to web browsers and other HTTP clients in a fast, reliable and battery-efficient way. web
mta-sts.txt SMTP MTA Strict Transport Security Policy RFC8461, Section 2.3 2018-06-21
ni Naming Things with Hashes RFC6920
openid-configuration OpenID Connect OpenID 2013-08-27
openorg Organisation Profile Document web 2015-05-29
pki-validation CA/Browser Forum’s Baseline Requirements Certificate Policy for the Issuance and Management of Publicly-Trusted Certificates PDF 2017-02-06
posh PKIX over Secure HTTP (POSH) RFC7711 2015-09-20
reload-config REsource LOcation And Discovery (RELOAD) Base Protocol RFC6940
repute-template A Reputation Query Protocol RFC7072 2013-09-30
resourcesync ResourceSync Framework Specification ANSI/NISO Z39.99-2017 2017-05-26
security.txt Standard to help organizations define the process for security researchers to disclose security vulnerabilities web 2018-08-20
stun-key Session Traversal Utilities for NAT (STUN) Extension for Third-Party Authorization RFC7635 2015-06-12
time Time over HTTPS specification web 2015-12-09
timezone Time Zone Data Distribution Service RFC7808 2015-08-03
uma2-configuration User-Managed Access (UMA) 2.0 Grant for OAuth 2.0 Authorization UMA 2.0 Grant for OAuth 2.0, Section 2 2017-06-20
void Describing Linked Datasets with the VoID Vocabulary W3C 2011-05-11
webfinger WebFinger RFC7033 2013-03-15, 2013-09-06
apple-app-site-association An Apple service that enables secure data exchange between iOS and a website. web
apple-developer-merchantid-domain-association Apple Pay web
browserid Mozilla Persona web
openpgpkey OpenPGP Web Key Service RFC draft
autoconfig/mail Mozilla Thunderbird mail autoconfiguration service web
change-password Redirects to a password change form web
nodeinfo Metadata for federated social networking servers web


  • "Well-Known URIs". IANA. Retrieved 6 February 2018.