[OpenID] Using OpenID to authenticate at a 3rd party service

Chris Richard chris.richard at gmail.com
Mon Feb 12 09:57:28 UTC 2007

I want to expose a web service that relying parties can use on behalf
of users and I'd like to use OpenID to authenticate users at this service.

I'd like to add the service (a new service type) to the user's XRDS (which
already contains an OpenID service) and now the relying party can find both
services it needs. But what should the communication look like between these
four parties (the user agent, relying party, OpenID service, my web
service)? Does the relying party need to authenticate the user with OpenID
first and then forward the user through my service where the user is again
authenticated and eventually sent back to the relying party?

Thanks in advance for any comments.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20070212/c140a110/attachment-0002.htm>

More information about the general mailing list