[OpenID] OpenID For Web Services

Nic James Ferrier nferrier at tapsellferrier.co.uk
Wed Feb 28 13:54:24 UTC 2007

Pat Cappelaere <pat at cappelaere.com> writes:

> Is there a proposed standard or best-practice to pass along openid
> information to web services that can be accessed across other domains?'
> Example: 
> User logs on to main site.
> User performs some action (distributed search for example)
> Main site accesses web services across many remote sites on behalf of user.
> Might be nice to have something like:
> http://www.example.com/service?openid=xxx
> Remote site should be able to validate user and even access user profile
> information (if user agrees, of course)

One of the things we're hoping to do with prooveme.com is to make
it possible to create client certificates to delegate to other sites
so they can authenticate, with your permission and in the way you
want, to 3rd parties.

So if you want flikr to post particular tagged photos to your blog you
can create a certificate which allows authenticating to one site only
and then give it to flikr.

Flikr then uses your OpenID and your prooveme.com certificate to
authenticate on your behalf and post photos.

Nic Ferrier
Need a linux/java/python/web hacker?  I'm in need of work!

More information about the general mailing list