OpenID and desktop applications

Lukas Leander Rosenstock webmaster at
Wed Dec 7 15:57:32 UTC 2005

It should be no problem for you to write a desktop application that asks 
for the users identity, then fetches this URL with a HTTP engine and 
looks up the identity server URL. This URL, however, must be rendered 
with some kind of HTML browser because the user needs an interface to 
enter his password and set trust with his identity server. This must be 
taken back to your application. I could imagine three possiblities for this:
a) Use a browser engine embedded in your application, e.g. if your 
native desktop application is for Windows you can simply use the IE 
ActiveX control. The "openid.return_to" is a "dummy" URL. If you see 
your browser control navigating there stop it from doing this, catch the 
query string and process it in your application, e.g. read out 
"openid.mode" and the others and do the ID check (using immediate or 
association) on the local machine.
b) Call the OpenID server on the users default browser. The browser 
needs to give control back to your application, so you must give him an 
"openid.return_to" that is either 
http://localhost:port_of_your_application/ or specialprotocol:foo (might 
be difficult to handle). Then read out "openid.mode" and the others and 
do the ID check (using immediate or association) on the local machine.
c) If your application is connected to a web service anyway you do the 
ID check on the server. Your application opens a session with the server 
and then opens the URL, this time "openid.return_to" is part of the 
webservice. The webservice can to the ID check and then notify the 
application on the local machine (through the socket/session) that logon 
was successfull.

I hope that helps!


Andrey Tatarinov wrote:

>I'd like to create native desktop application (as a part of web service)
>which could've use OpenID. After reading specs and search internet - I
>do not see a way to do it.
>Any tips?

More information about the yadis mailing list