Tŵt Blog

We have been testing the Mastodon feature “authorized fetch” for some time, and can now confirm we are going to move forward with this setting enabled.

When a server we are connected to is suspended, it continues to have access to all public posts and profiles, as this information is accessed anonymously unless authorized fetch is enabled.

Authorized fetch requires all Fediverse servers to identify themselves for each request, thereby allowing us to recognize and refuse access to suspended servers.

This does not completely protect any individual content that is posted using the “Public” setting, as this content is also freely available from any web browser. However, it removes the opportunity for suspended servers servers to fetch and interact with your content.

We additionally block access using other tools and resources, as part of our wider toolkit to reduce access for inauthentic actors.

This setting may impact some third-party Mastodon clients, please let us know at help@toot.wales if you encounter any issues.

For more information about authorized fetch, see:

• https://docs.joinmastodon.org/admin/config/#authorized_fetch
• https://fedi.tips/authorized-fetch/
• https://hub.sunny.garden/2023/06/28/what-does-authorized_fetch-actually-do/