I'm intrigued by the IndieAuth thing where you can input a domain but your final identifier is a page specific to you on that domain - seems like it could help avoid users having to register their own domain or remember their full URL
so it turns out this works. I can type in “email@example.com” in an indieauth prompt and it works. because that is a URL.
I’ll admit it’s a bit of a “hack”. The trick is “firstname.lastname@example.org” is a URL because if you assume the http scheme then you get http://email@example.com which is a username but no password with HTTP basic auth. The server can switch what it returns based on that username.