<h1 class="posttitle"><font size="2">This is taken from...</font></h1><br><a href="http://ask.metafilter.com/66177/Isnt-that-what-OpenID-is-for">http://ask.metafilter.com/66177/Isnt-that-what-OpenID-is-for</a><br><br><h1 class="posttitle">
Isn't that what OpenID is for?<br>
<span class="smallcopy">July 3, 2007 3:16 PM</span></h1>
<div class="copy">I
have a potential web development client who wants users of their site
to be able to log in to their site using existing IDs from AOL,
Facebook, Google, Windows Live, Yahoo, and other social networking
sites and have their site keep them logged in at the other sites. Is
this possible?<br>
<div style="border-top: 1px dotted rgb(119, 119, 119); margin-top: 6px; padding-right: 20px;">
<br>
Isn't that what <a href="http://openid.net/">OpenID</a> is for?
</div>
<span class="smallcopy">posted by <a href="http://www.metafilter.com/user/10648" target="_self">kirkaracha</a> to <a href="http://ask.metafilter.com/category/1">computers & internet</a> (8 comments total)
<span id="favcnt366177"><a href="http://ask.metafilter.com/favorited/66177" style="font-weight: normal;" target="_self">7 users marked this as a favorite</a></span>
</span></div>
<div class="copy" style="margin-bottom: 10px;">
</div>
<a name="994019"></a>
<div class="comments">Yeah, it's pretty much
what OpenID is for, tho there are other mechanisms with which you can
interface with some, tho not all of the sites you've listed. I'm in the
middle of a project with similar requirements, and it's huge. I wish I
had a team. <br>
<br>
At any rate, without knowing more about the project requirements, I
would suggest steering your client toward enabling their site with
OpenID and looking into interfacing specifically with AOL, Yahoo,
Google and Facebook if they need more in-depth user information from
site to site.<br>
<span class="smallcopy">posted by <a href="http://www.metafilter.com/user/824" target="_self">annathea</a> at <a href="http://ask.metafilter.com/66177/Isnt-that-what-OpenID-is-for#994019" target="_self">3:29 PM</a> on July 3
</span></div>
<br>
<br>
<a name="994022"></a>
<div class="comments">Supporting these things would be your problem even if OpenID is used. Some can be done:<br>
<br>
<a href="http://dev.aol.com/aol-and-63-million-openids">AOL with OpenID</a>, <a href="http://idproxy.net/">Yahoo with OpenID (third party)</a>, <a href="http://developers.facebook.com/">Facebook API</a>.<br>
<span class="smallcopy">posted by <a href="http://www.metafilter.com/user/39057" target="_self">genghis</a> at <a href="http://ask.metafilter.com/66177/Isnt-that-what-OpenID-is-for#994022" target="_self">3:33 PM</a> on July 3
</span></div>
<br>
<br>
<a name="994028"></a>
<div class="comments">I work with the folks who
created OpenID initially, and we've deployed a couple million OpenID
identities -- this is exactly what the system is designed for.<br>
<br>
For the specific brands you've listed, only AOL provides OpenID
identities for their AOL and AIM users. There is a third-party service
that will allow you to use Yahoo logins via OpenID, which is a little
complicated for most normal people, and Microsoft's CardSpace identity
system will accept OpenIDs but doesn't use them for sign-in.<br>
<br>
That being said, there are over 100 million OpenIDs already created, so
there's starting to be critical mass, and you can fake some of the
other stuff using Google's and Facebook's and Yahoo's proprietary
authentication APIs.<br>
<br>
The real question is what benefit single sign-on will provide to your
users - it's a tough concept to explain, and usually makes the most
sense when they see some benefit (in terms of reputation or
authentication or social network) for bringing their identity from
elsewhere.<br>
<span class="smallcopy">posted by <a href="http://www.metafilter.com/user/508" target="_self">anildash</a> at <a href="http://ask.metafilter.com/66177/Isnt-that-what-OpenID-is-for#994028" target="_self">3:42 PM</a> on July 3
</span></div>
<br>
<br>
<a name="994049"></a>
<div class="comments"><a href="http://siege.org/projects/phpMyID/">phpmyID</a> might be useful for your project<br>
<span class="smallcopy">posted by <a href="http://www.metafilter.com/user/44107" target="_self">acro</a> at <a href="http://ask.metafilter.com/66177/Isnt-that-what-OpenID-is-for#994049" target="_self">4:16 PM</a> on July 3
</span></div>
<br>
<br>
<a name="994088"></a>
<div class="comments">Why would logging into one site log them out of another?<br>
<span class="smallcopy">posted by <a href="http://www.metafilter.com/user/35452" target="_self">rhizome</a> at <a href="http://ask.metafilter.com/66177/Isnt-that-what-OpenID-is-for#994088" target="_self">5:23 PM</a> on July 3
</span></div>
<br>
<br>
<a name="994187"></a>
<div class="comments"><em>The real question is
what benefit single sign-on will provide to your users - it's a tough
concept to explain, and usually makes the most sense when they see some
benefit (in terms of reputation or authentication or social network)
for bringing their identity from elsewhere.</em><br>
<br>
I've been involved one way or another in 3 different "single sign-on"
projects. It's an idea that seems to crop up over and over without ever
taking over. It's the kind of idea that sounds more useful the less
time you've had to really think through what's in it for users, and how
it would work for them in any detail. anildash speaks wisdom, for this
to be viable one imagines there has to be more to the project than just
"save the trouble of logging in more than once", what else is needed,
what other data has to be transfered from facebook etc to your clients
site?<br>
<span class="smallcopy">posted by <a href="http://www.metafilter.com/user/18655" target="_self">scheptech</a> at <a href="http://ask.metafilter.com/66177/Isnt-that-what-OpenID-is-for#994187" target="_self">8:00 PM</a> on July 3
</span></div>