Seamless site-to-site account creation and login via OpenID

Tony bascule at
Thu Aug 24 08:21:16 UTC 2006

Thus far I've only read about OpenID and tried it out with some scant
services.  However as far as I can tell, the process of creating an account
and logging in to a trusted "partner" site could be made completely
automated, correct?


User has an account on Web Site A.  User logs into Site A and a session
cookie is set.

User wants to access a service on Site B which is part of Site A's trusted
network of partner sites.

User requests Site B's feature on Site A.  Site A directs the user to Site
B, passing their OpenID XRI for Site A to Site B.

Site B would then contact Site A based on the OpenID to verify User's
identity.  Site B would then issue an HTTP redirect for the user to a
specially designed landing URL.

When User's browser hits the landing URL, Site A checks the session cookie
and sets up the trust relationship with Site B.

As far as I can tell, this can be 100% seamless and behind the scenes,
provided the user has 1) already logged into Site A and 2) Site A and B
trust each other enough to use OpenID in this manner.

Correct, or am I missing something?

Tony Arcieri
-------------- next part --------------
An HTML attachment was scrubbed...

More information about the yadis mailing list