[OpenID] General questions about 'checkid_immediate'
rowan at standardinteractive.com
Tue Jan 30 20:41:20 UTC 2007
On 1/30/07, David Fuelling <sappenin at gmail.com> wrote:
> does an OP authenticate a user for an RP *without* user interaction on the
> OP side?
If you use a hidden iframe to make the immediate request, then you can
find out if the user is already logged in. You send your
authentication request in the iframe, and the OP will redirect it back
to you through the browser with pass/fail results.
> Doesn't the user have to "do" something on the OP first (like
> login, or mark an OP as "trusted").
That depends on the implementation of the OP. For example, an OP could
reply to immediate Authentication requests from anywhere regardless of
your relationship, unless they are also trying to do a Fetch with AX.
If your OP wants you to confirm relationships with RP's then the first
time immediate mode request from any RP would fail. Until after you
completed a setup mode request.
More information about the general