OpenID and XML WebServices

Timothy Parez timothyparez at
Sat Aug 26 22:47:17 UTC 2006

Um... :)
I'm not familiar enough with all this.

If my application is able to make a webrequest (like a browser) and then
parse the response of that request wouldn't that be enough just to know
wether or not this OpenID specified by the user has been authenticated ?

I don't know, something like making a request to and passing
the openid identity url ...
Or is a web server really required for this to work ?

I want my application to call a function on the webservice and the
webservice either replies true or false defining wether or not the user has
been authenticated.


-----Original Message-----
From: Granqvist, Hans [mailto:hgranqvist at] 
Sent: vrijdag 11 augustus 2006 17:36
To: Timothy Parez; yadis at
Subject: RE: OpenID and XML WebServices

You could spec an OpenID token type for use with WS-Security, but the
problem is that that would be probably be tough since OpenID is somewhat
limited by http mechanisms.

I guess if one assumes that the user is logged in, then the needed state
could be described inside such a token, but the semantics of usage seem
quite complex.


> -----Original Message-----
> From: yadis-bounces at
> [mailto:yadis-bounces at] On Behalf Of Timothy Parez
> Sent: Friday, August 11, 2006 5:12 AM
> To: yadis at
> Subject: OpenID and XML WebServices
> Has anybody managed to use OpenID for authentication with XML 
> WebServices (preferably .NET based).
> Timothy.

More information about the yadis mailing list