<span style="">Dear OpenID enthousiasts,</span><br><br><span style="">I have visited some OpenID enabled sites. I have found that they require submitting a form with my OpenID to get the process going. I'm no expert and neither a heavy OpenID user. But I was wondering what would happen if the OpenID enabled website could support adding my OpenID as a request parameter?
</span><br><br><span style="">Instead of this flow:</span><br><span style="">1. Http GET request for <a href="http://myenabledsite.com/index.php">http://myenabledsite.com/index.php</a></span><br><span style="">2. Fill in OpenID in form and click Submit
</span><br><span style="">3. OpenID processing (possibly requiring authentication)</span><br><span style="">4. Logged in to <a href="http://myenabledsite.com">myenabledsite.com</a></span><br><br><span style="">I would get this flow:
</span><br><span style="">1. Http GET request for <a href="http://myenabledsite.com/index.php?openid_url=http://getopenid.com/sampleid">http://myenabledsite.com/index.php?openid_url=http://getopenid.com/sampleid</a></span>
<br><span style="">2. OpenID processing (possibly requiring authentication)</span><br><span style="">3. Logged in to <a href="http://myenabledsite.com">myenabledsite.com</a></span><br><br><span style="">I would eliminate step 2 of the orginal process.
</span><br><span style="">I could bookmark my favourite Open-ID enabled sites with the request parameter added, never having to fill in the form anymore.</span><br><span style="">If I was logged in to my OpenID provider already, I would have a 'true' Single Sign-On experience.
</span><br><br><span style="">It's hard to imagine I would be the first to think of this and there are probably good reasons not to implement OpenID like this. So I am very curious as to what those reasons are. </span>
<br><span style="">Two, I could think of myself are:</span><br><span style="">1. that this request parameter would have to be standardised in a way so that users wouldn't have to 'guess' at it</span><br><span style="">
2. that you would still have to find out which page to GET with the request parameter. Not all sites 'start' at /index.php. A possible solution for this would be not to use a request parameter but a standard URL. You would be able to login with OpenID to every enabled site at http://<domain>/openid/<your openid>.
</span><br><br><span style="">Thanks in advance for your feedback.</span><br><br>Kind regards,<br>Robin<br>