Dynamic Delegate Identity?

Martin Atkins mart at degeneration.co.uk
Sat Sep 2 20:21:26 UTC 2006

Ben Hyde wrote:
> Rather than provide an openid.delegate of, say, 
> http://wikitravel.org/en/User:Downtown on my open id url page 
> www.cozy.org/chum wouldn't it be preferable if I provided 
> http://wikitravel.org/en/OpaqueUser:13452342152?

Can't this just use the new support for entering your IDP's URL rather 
than your own URL? You'd just say (for example):


...and then, presumably, everything would proceed as if the user had 
entered http://www.myidentityprovider.com/ as the identity in the first 
place, except of course that the "primary key" for that user would end 
up being the delegating URL rather than the IDP-generated URL.

> ps. I'm a bit unclear on why openid.delegate is required.

The primary use case is for people who host their own domains to be able 
to use their domains for OpenID identity URLs without having to run 
their own IDP. It is also useful in that it provides a layer of 
abstraction allowing users to switch identity providers without losing 
their identity, in a similar fashion to "vanity address" email 
forwarding services.

Of course, Delegate is of limited interest to someone who is 
intentionally using a different identity for each site. It's aimed at 
people who actually *want* services to know who they are! :)

More information about the yadis mailing list