Auth flows for web widgets?
Allen Tom
atom at yahoo-inc.com
Tue Mar 17 18:34:13 UTC 2009
Hi George,
Have you seen the Yahoo Updates Gadget for iGoogle?
http://developer.yahoo.net/blog/archives/2009/03/igoogle_open_updates.html
The gadget opens a popup to do the OAuth dance with Yahoo. After the
user authorizes the gadget, the user closes the popup, and the gadget
fetches the OAuth credentials.
The Yahoo OAuth UI was *not* designed to render in a popup, and there
are lots of things that can be improved. For instance, the screens are
way too large, there are three screens (one too many), and the user has
to somehow know to close the popup window after reaching the last screen
to return back to the gadget. Also, the screens are excessively scary
and wordy, but that's a different topic altogether.
Allen
George Fletcher wrote:
> Hi,
>
> I'm wondering if anyone has developed UX flows for web based "widgets"
> that don't implement the "password anti-pattern"? Most widget's that
> require an identity provide an "authentication form" on the "back" of
> the widget. I'm trying to figure out how to propose a good user
> experience that doesn't require the "password anti-pattern". For
> instance, it seems weird to popup a browser window from the "back" of
> a widget. Just wondering if anyone has examples for solving this. I
> realize a widget container can help... but I'm looking for the
> standalone solution right now.
>
> Thanks,
> George
> _______________________________________________
> user-experience mailing list
> user-experience at openid.net
> http://openid.net/mailman/listinfo/user-experience
More information about the user-experience
mailing list