Seamless site-to-site account creation and login via OpenID
Tony
bascule at gmail.com
Thu Aug 24 08:21:16 UTC 2006
Thus far I've only read about OpenID and tried it out with some scant
services. However as far as I can tell, the process of creating an account
and logging in to a trusted "partner" site could be made completely
automated, correct?
Example:
User has an account on Web Site A. User logs into Site A and a session
cookie is set.
User wants to access a service on Site B which is part of Site A's trusted
network of partner sites.
User requests Site B's feature on Site A. Site A directs the user to Site
B, passing their OpenID XRI for Site A to Site B.
Site B would then contact Site A based on the OpenID to verify User's
identity. Site B would then issue an HTTP redirect for the user to a
specially designed landing URL.
When User's browser hits the landing URL, Site A checks the session cookie
and sets up the trust relationship with Site B.
As far as I can tell, this can be 100% seamless and behind the scenes,
provided the user has 1) already logged into Site A and 2) Site A and B
trust each other enough to use OpenID in this manner.
Correct, or am I missing something?
Tony Arcieri
ClickCaster.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.danga.com/pipermail/yadis/attachments/20060824/149738f6/attachment.htm
More information about the yadis
mailing list