[Openid-specs-ab] Username

Mike Jones Michael.Jones at microsoft.com
Thu May 17 22:40:30 UTC 2012


I have a philosophical problem with including a "preferred username" claim, as it is counter to our goals of having sites rely on federated logins, rather than creating local accounts.  Yes it makes sense for SCIM, where the goal is provisioning of local accounts.  But the whole point of OpenID Connect is to use third party identity - not to create local accounts.  Thus, we shouldn't knowingly facilitate local account creation.

Besides, this doesn't meet the "needed to enable 80% of sites to accept OpenIDs without undue user interactions" that we were informally using as the criteria to include a claim in the basic UserInfo claim set.

(Also added the comments above to the ticket.)

				-- Mike

-----Original Message-----
From: openid-specs-ab-bounces at lists.openid.net [mailto:openid-specs-ab-bounces at lists.openid.net] On Behalf Of Justin Richer
Sent: Wednesday, May 16, 2012 10:08 AM
To: openid-specs-ab at lists.openid.net
Subject: Re: [Openid-specs-ab] Username

Issue reported:

https://bitbucket.org/openid/connect/issue/584/messages-username-claim

  -- Justin

On 05/16/2012 12:04 PM, Justin Richer wrote:
> Yes, that's exactly what I'm after. For my own facebook account, it 
> returns "zeronine", which is what I would expect for a "username" on 
> that service. Since we plan to implement both the OpenID (aka
> "facebook") schema and the PoCo schema on our endpoints, I wanted to 
> make sure we had sufficient overlap in the data model. Plus, from our 
> IdP, all of our users *do* have unique usernames in addition to (and 
> separate from) the user IDs we'll be presenting.
>
>  -- Justin
>
> On 05/16/2012 11:52 AM, John Bradley wrote:
>> In the Facebook case they are exposing the Facebook username.  Is 
>> that what thou want or an indication of what username they would like?
>>
>> I am not against the idea, just wanting to clarify the proposed 
>> semantics.
>>
>> John
>> On 2012-05-16, at 11:27 AM, Justin Richer wrote:
>>
>>> Whether or not we want to encourage them, we have systems that will 
>>> use them. Facebook also has "username" now:
>>>
>>> https://developers.facebook.com/docs/reference/api/user/
>>>
>>> So I say we just grab that and be done with it. PoCo has 
>>> "preferredUsername" for the same purpose. This makes a lot more 
>>> sense than "nickname", which really has a different (and potentially 
>>> useful in parallel) semantic behind it.
>>>
>>> -- Justin
>>>
>>> On 05/16/2012 11:16 AM, John Bradley wrote:
>>>> That is not part of the basic set of attributes Facebook uses, That 
>>>> was where the list originally came from.
>>>>
>>>> I thought that nickname was used by RP for that.
>>>>
>>>> looking at the spec the example of shorting Michael to Mike may be 
>>>> slightly misleading, In my case my nickname is "ve7jtb".  The other 
>>>> potential issue is that we don't preclude spaces.
>>>>
>>>> Is there a need for a separate claim that is a single string not 
>>>> including spaces to be used as a local user name.
>>>>
>>>> There is also the question of encouraging local user names.
>>>>
>>>> John B.
>>>> On 2012-05-16, at 10:45 AM, Justin Richer wrote:
>>>>
>>>>> I might be missing it, but it seems that there's a gap for 
>>>>> specifying a user's preferred local username in the User Info 
>>>>> schema. This is distinct from "user_id" which is a guaranteed 
>>>>> unique identifier, "name" which is the actual name of the person, 
>>>>> "nickname" which is a shortened first name, or anything else that 
>>>>> I can see.
>>>>>
>>>>> Is there a specific reason for this omission? If not, I'd like us 
>>>>> to add in a standard claim for this information.
>>>>>
>>>>> -- Justin
>>>>> _______________________________________________
>>>>> Openid-specs-ab mailing list
>>>>> Openid-specs-ab at lists.openid.net
>>>>> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>

_______________________________________________
Openid-specs-ab mailing list
Openid-specs-ab at lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-specs-ab




More information about the Openid-specs-ab mailing list