SlideShare a Scribd company logo

An Introduction to OpenID

M
Max Manders

A brief introduction to OpenID - A decentralised Single Sign On mechanism for the web.

Technology
1 of 23
An Introduction
What is OpenID? OpenID is a decentralised Single Sign On system for the web. An Introduction
Why OpenID? Too many user names? Too many passwords? User name already taken? An Introduction
What is an OpenID? An OpenID is simply a URI, e.g. http://mmanders.myopenid.com An Introduction
So what? You can claim ownership of a URI. The ability to prove ownership of a URI can facilitate authentication. An Introduction
How? You don’t authenticate to a site with credentials agreed on with that site. You authenticate with credentials agreed on with your ID Provider. An Introduction
This sounds familiar! It’s Similar to Microsoft Passport. It’s different in that Microsoft doesn’t have ownership – you do! An Introduction
This sounds familiar! It’s an open standard. The standard isn’t owned by any single organisation. You don’t have to seek Microsoft permission to implement it. An Introduction
Who has ownership? You do! You pick an Identity Provider. Or implement the server-side yourself! An Introduction
A brief demonstration An Introduction
How does sign-up fit in? Augments the sign-up process. Doesn’t provide information; authentication only. Still need CAPTCHAs. An Introduction
Where does sign-up fit? Simple Registration Extension provides lightweight exchange of profile information. Beyond the scope of this introduction. An Introduction
How does OpenID work? Link tag on OpenID page. <link rel=“openid.server” href=http://www.myopenid.com/server /> An Introduction
How does OpenID work? Relying party establishes a shared secret with Identity Provider using Diffie-Hellman key exchange. An Introduction
How does OpenID work? HTML at URI is parsed to discover Identity Provider. An Introduction
How does OpenID work? User is redirected to Identity Provider in order to authenticate. An Introduction
How does OpenID work? User is redirected back to relying party and shared secret is used to guard against spoofed requests. An Introduction
Can I use my own URI? Using delegation, you can use your own domain as your OpenID! An Introduction
Can I use my own URI? Put the following link tags in the head section of your domain index page: <link rel=“openid.server” href=“<id_server”> /> <link rel=“openid.delegate” href=“<delegate url>” /> An Introduction
Can I use my own URI? For example, until I implement my own server, I use: <link rel=“openid.server” href=http://www.myopenid.com/server /> <link rel=“openid.delegate” href=http://maxmanders.myopenid.com /> An Introduction
Can I change providers? What if I don’t trust my provider? You can simply delegate authority to a different provider! An Introduction
Further Reading… The Specifications: http://openid.net Wikipedia: http://en.wikipedia.org/wiki/OpenID Implementation Libraries: http://openidenabled.com Jan Rain: http://janrain.com/openid An Introduction
Thank You! Max Manders http://maxmanders.co.uk [email_address] An Introduction

Recommended

Introduction to OpenID Connect
Introduction to OpenID Connect Introduction to OpenID Connect
Introduction to OpenID Connect Nat Sakimura
 
OpenID Connect 1.0 Explained
OpenID Connect 1.0 ExplainedOpenID Connect 1.0 Explained
OpenID Connect 1.0 ExplainedEugene Siow
 
OpenID Connect: An Overview
OpenID Connect: An OverviewOpenID Connect: An Overview
OpenID Connect: An OverviewPat Patterson
 
Understanding OpenID
Understanding OpenIDUnderstanding OpenID
Understanding OpenIDPrabath Siriwardena
 
OpenID Connect vs. OpenID 1 & 2
OpenID Connect vs. OpenID 1 & 2OpenID Connect vs. OpenID 1 & 2
OpenID Connect vs. OpenID 1 & 2Mike Schwartz
 
Full stack security
Full stack securityFull stack security
Full stack securityDPC Consulting Ltd
 
OpenID Connect 101 @ OpenID TechNight vol.11
OpenID Connect 101 @ OpenID TechNight vol.11OpenID Connect 101 @ OpenID TechNight vol.11
OpenID Connect 101 @ OpenID TechNight vol.11Nov Matake
 
Mit 2014 introduction to open id connect and o-auth 2
Mit 2014 introduction to open id connect and o-auth 2Mit 2014 introduction to open id connect and o-auth 2
Mit 2014 introduction to open id connect and o-auth 2Justin Richer
 

Recommended

Introduction to OpenID Connect
Introduction to OpenID Connect Introduction to OpenID Connect
Introduction to OpenID Connect Nat Sakimura
 
OpenID Connect 1.0 Explained
OpenID Connect 1.0 ExplainedOpenID Connect 1.0 Explained
OpenID Connect 1.0 ExplainedEugene Siow
 
OpenID Connect: An Overview
OpenID Connect: An OverviewOpenID Connect: An Overview
OpenID Connect: An OverviewPat Patterson
 
Understanding OpenID
Understanding OpenIDUnderstanding OpenID
Understanding OpenIDPrabath Siriwardena
 
OpenID Connect vs. OpenID 1 & 2
OpenID Connect vs. OpenID 1 & 2OpenID Connect vs. OpenID 1 & 2
OpenID Connect vs. OpenID 1 & 2Mike Schwartz
 
Full stack security
Full stack securityFull stack security
Full stack securityDPC Consulting Ltd
 
OpenID Connect 101 @ OpenID TechNight vol.11
OpenID Connect 101 @ OpenID TechNight vol.11OpenID Connect 101 @ OpenID TechNight vol.11
OpenID Connect 101 @ OpenID TechNight vol.11Nov Matake
 
Mit 2014 introduction to open id connect and o-auth 2
Mit 2014 introduction to open id connect and o-auth 2Mit 2014 introduction to open id connect and o-auth 2
Mit 2014 introduction to open id connect and o-auth 2Justin Richer
 
CIS14: Working with OAuth and OpenID Connect
CIS14: Working with OAuth and OpenID ConnectCIS14: Working with OAuth and OpenID Connect
CIS14: Working with OAuth and OpenID ConnectCloudIDSummit
 
OpenID Connect - An Emperor or Just New Cloths?
OpenID Connect - An Emperor or Just New Cloths?OpenID Connect - An Emperor or Just New Cloths?
OpenID Connect - An Emperor or Just New Cloths?Oliver Pfaff
 
OpenID Connect: The new standard for connecting to your Customers, Partners, ...
OpenID Connect: The new standard for connecting to your Customers, Partners, ...OpenID Connect: The new standard for connecting to your Customers, Partners, ...
OpenID Connect: The new standard for connecting to your Customers, Partners, ...Salesforce Developers
 
OpenID Connect "101" Introduction -- October 23, 2018
OpenID Connect "101" Introduction -- October 23, 2018OpenID Connect "101" Introduction -- October 23, 2018
OpenID Connect "101" Introduction -- October 23, 2018OpenIDFoundation
 
Open ID
Open IDOpen ID
Open IDdiwanshu.joshi
 
OAuth 2.0 and OpenId Connect
OAuth 2.0 and OpenId ConnectOAuth 2.0 and OpenId Connect
OAuth 2.0 and OpenId ConnectSaran Doraiswamy
 
OpenID vs OAuth - Identity on the Web
OpenID vs OAuth - Identity on the WebOpenID vs OAuth - Identity on the Web
OpenID vs OAuth - Identity on the WebRichard Metzler
 
OpenId Connect Protocol
OpenId Connect ProtocolOpenId Connect Protocol
OpenId Connect ProtocolMichael Furman
 
OAuth 2.0 & OpenID Connect @ OpenSource Conference 2011 Tokyo #osc11tk
OAuth 2.0 & OpenID Connect @ OpenSource Conference 2011 Tokyo #osc11tkOAuth 2.0 & OpenID Connect @ OpenSource Conference 2011 Tokyo #osc11tk
OAuth 2.0 & OpenID Connect @ OpenSource Conference 2011 Tokyo #osc11tkNov Matake
 
OpenID and OAuth
OpenID and OAuthOpenID and OAuth
OpenID and OAuthAndrea Chiodoni
 
OpenID Connect primer
OpenID Connect primerOpenID Connect primer
OpenID Connect primernob f
 
The Client is not always right! How to secure OAuth authentication from your...
The Client is not always right! How to secure OAuth authentication from your...The Client is not always right! How to secure OAuth authentication from your...
The Client is not always right! How to secure OAuth authentication from your...Mike Schwartz
 
CIS14: OAuth and OpenID Connect in Action
CIS14: OAuth and OpenID Connect in ActionCIS14: OAuth and OpenID Connect in Action
CIS14: OAuth and OpenID Connect in ActionCloudIDSummit
 
OpenID Connect 4 SSI (at EIC 2021)
OpenID Connect 4 SSI (at EIC 2021)OpenID Connect 4 SSI (at EIC 2021)
OpenID Connect 4 SSI (at EIC 2021)Torsten Lodderstedt
 
OpenID Connect Federation
OpenID Connect FederationOpenID Connect Federation
OpenID Connect FederationAndreas Åkre Solberg
 
Authentication and Authorization Architecture in the MEAN Stack
Authentication and Authorization Architecture in the MEAN StackAuthentication and Authorization Architecture in the MEAN Stack
Authentication and Authorization Architecture in the MEAN StackFITC
 
Stateless Auth using OAUTH2 & JWT
Stateless Auth using OAUTH2 & JWTStateless Auth using OAUTH2 & JWT
Stateless Auth using OAUTH2 & JWTMobiliya
 
OpenID Connect 4 SSI (DIFCon F2F)
OpenID Connect 4 SSI (DIFCon F2F)OpenID Connect 4 SSI (DIFCon F2F)
OpenID Connect 4 SSI (DIFCon F2F)Torsten Lodderstedt
 
OpenID Connect Explained
OpenID Connect ExplainedOpenID Connect Explained
OpenID Connect ExplainedVladimir Dzhuvinov
 
OpenID Connect and Single Sign-On for Beginners
OpenID Connect and Single Sign-On for BeginnersOpenID Connect and Single Sign-On for Beginners
OpenID Connect and Single Sign-On for BeginnersSalesforce Developers
 
The Open, Social Web
The Open, Social WebThe Open, Social Web
The Open, Social WebChris Messina
 
A Quick Introduction to YQL
A Quick Introduction to YQLA Quick Introduction to YQL
A Quick Introduction to YQLMax Manders
 

More Related Content

What's hot

CIS14: Working with OAuth and OpenID Connect
CIS14: Working with OAuth and OpenID ConnectCIS14: Working with OAuth and OpenID Connect
CIS14: Working with OAuth and OpenID ConnectCloudIDSummit
 
OpenID Connect - An Emperor or Just New Cloths?
OpenID Connect - An Emperor or Just New Cloths?OpenID Connect - An Emperor or Just New Cloths?
OpenID Connect - An Emperor or Just New Cloths?Oliver Pfaff
 
OpenID Connect: The new standard for connecting to your Customers, Partners, ...
OpenID Connect: The new standard for connecting to your Customers, Partners, ...OpenID Connect: The new standard for connecting to your Customers, Partners, ...
OpenID Connect: The new standard for connecting to your Customers, Partners, ...Salesforce Developers
 
OpenID Connect "101" Introduction -- October 23, 2018
OpenID Connect "101" Introduction -- October 23, 2018OpenID Connect "101" Introduction -- October 23, 2018
OpenID Connect "101" Introduction -- October 23, 2018OpenIDFoundation
 
OAuth 2.0 and OpenId Connect
OAuth 2.0 and OpenId ConnectOAuth 2.0 and OpenId Connect
OAuth 2.0 and OpenId ConnectSaran Doraiswamy
 
OpenID vs OAuth - Identity on the Web
OpenID vs OAuth - Identity on the WebOpenID vs OAuth - Identity on the Web
OpenID vs OAuth - Identity on the WebRichard Metzler
 
OpenId Connect Protocol
OpenId Connect ProtocolOpenId Connect Protocol
OpenId Connect ProtocolMichael Furman
 
OAuth 2.0 & OpenID Connect @ OpenSource Conference 2011 Tokyo #osc11tk
OAuth 2.0 & OpenID Connect @ OpenSource Conference 2011 Tokyo #osc11tkOAuth 2.0 & OpenID Connect @ OpenSource Conference 2011 Tokyo #osc11tk
OAuth 2.0 & OpenID Connect @ OpenSource Conference 2011 Tokyo #osc11tkNov Matake
 
OpenID Connect primer
OpenID Connect primerOpenID Connect primer
OpenID Connect primernob f
 
The Client is not always right! How to secure OAuth authentication from your...
The Client is not always right! How to secure OAuth authentication from your...The Client is not always right! How to secure OAuth authentication from your...
The Client is not always right! How to secure OAuth authentication from your...Mike Schwartz
 
CIS14: OAuth and OpenID Connect in Action
CIS14: OAuth and OpenID Connect in ActionCIS14: OAuth and OpenID Connect in Action
CIS14: OAuth and OpenID Connect in ActionCloudIDSummit
 
OpenID Connect 4 SSI (at EIC 2021)
OpenID Connect 4 SSI (at EIC 2021)OpenID Connect 4 SSI (at EIC 2021)
OpenID Connect 4 SSI (at EIC 2021)Torsten Lodderstedt
 
Authentication and Authorization Architecture in the MEAN Stack
Authentication and Authorization Architecture in the MEAN StackAuthentication and Authorization Architecture in the MEAN Stack
Authentication and Authorization Architecture in the MEAN StackFITC
 
Stateless Auth using OAUTH2 & JWT
Stateless Auth using OAUTH2 & JWTStateless Auth using OAUTH2 & JWT
Stateless Auth using OAUTH2 & JWTMobiliya
 
OpenID Connect 4 SSI (DIFCon F2F)
OpenID Connect 4 SSI (DIFCon F2F)OpenID Connect 4 SSI (DIFCon F2F)
OpenID Connect 4 SSI (DIFCon F2F)Torsten Lodderstedt
 
OpenID Connect and Single Sign-On for Beginners
OpenID Connect and Single Sign-On for BeginnersOpenID Connect and Single Sign-On for Beginners
OpenID Connect and Single Sign-On for BeginnersSalesforce Developers
 

What's hot (20)

CIS14: Working with OAuth and OpenID Connect
CIS14: Working with OAuth and OpenID ConnectCIS14: Working with OAuth and OpenID Connect
CIS14: Working with OAuth and OpenID Connect
 
OpenID Connect - An Emperor or Just New Cloths?
OpenID Connect - An Emperor or Just New Cloths?OpenID Connect - An Emperor or Just New Cloths?
OpenID Connect - An Emperor or Just New Cloths?
 
OpenID Connect: The new standard for connecting to your Customers, Partners, ...
OpenID Connect: The new standard for connecting to your Customers, Partners, ...OpenID Connect: The new standard for connecting to your Customers, Partners, ...
OpenID Connect: The new standard for connecting to your Customers, Partners, ...
 
OpenID Connect "101" Introduction -- October 23, 2018
OpenID Connect "101" Introduction -- October 23, 2018OpenID Connect "101" Introduction -- October 23, 2018
OpenID Connect "101" Introduction -- October 23, 2018
 
Open ID
Open IDOpen ID
Open ID
 
OAuth 2.0 and OpenId Connect
OAuth 2.0 and OpenId ConnectOAuth 2.0 and OpenId Connect
OAuth 2.0 and OpenId Connect
 
OpenID vs OAuth - Identity on the Web
OpenID vs OAuth - Identity on the WebOpenID vs OAuth - Identity on the Web
OpenID vs OAuth - Identity on the Web
 
OpenId Connect Protocol
OpenId Connect ProtocolOpenId Connect Protocol
OpenId Connect Protocol
 
OAuth 2.0 & OpenID Connect @ OpenSource Conference 2011 Tokyo #osc11tk
OAuth 2.0 & OpenID Connect @ OpenSource Conference 2011 Tokyo #osc11tkOAuth 2.0 & OpenID Connect @ OpenSource Conference 2011 Tokyo #osc11tk
OAuth 2.0 & OpenID Connect @ OpenSource Conference 2011 Tokyo #osc11tk
 
OpenID and OAuth
OpenID and OAuthOpenID and OAuth
OpenID and OAuth
 
OpenID Connect primer
OpenID Connect primerOpenID Connect primer
OpenID Connect primer
 
The Client is not always right! How to secure OAuth authentication from your...
The Client is not always right! How to secure OAuth authentication from your...The Client is not always right! How to secure OAuth authentication from your...
The Client is not always right! How to secure OAuth authentication from your...
 
CIS14: OAuth and OpenID Connect in Action
CIS14: OAuth and OpenID Connect in ActionCIS14: OAuth and OpenID Connect in Action
CIS14: OAuth and OpenID Connect in Action
 
OpenID Connect 4 SSI (at EIC 2021)
OpenID Connect 4 SSI (at EIC 2021)OpenID Connect 4 SSI (at EIC 2021)
OpenID Connect 4 SSI (at EIC 2021)
 
OpenID Connect Federation
OpenID Connect FederationOpenID Connect Federation
OpenID Connect Federation
 
Authentication and Authorization Architecture in the MEAN Stack
Authentication and Authorization Architecture in the MEAN StackAuthentication and Authorization Architecture in the MEAN Stack
Authentication and Authorization Architecture in the MEAN Stack
 
Stateless Auth using OAUTH2 & JWT
Stateless Auth using OAUTH2 & JWTStateless Auth using OAUTH2 & JWT
Stateless Auth using OAUTH2 & JWT
 
OpenID Connect 4 SSI (DIFCon F2F)
OpenID Connect 4 SSI (DIFCon F2F)OpenID Connect 4 SSI (DIFCon F2F)
OpenID Connect 4 SSI (DIFCon F2F)
 
OpenID Connect Explained
OpenID Connect ExplainedOpenID Connect Explained
OpenID Connect Explained
 
OpenID Connect and Single Sign-On for Beginners
OpenID Connect and Single Sign-On for BeginnersOpenID Connect and Single Sign-On for Beginners
OpenID Connect and Single Sign-On for Beginners
 

Viewers also liked

The Open, Social Web
The Open, Social WebThe Open, Social Web
The Open, Social WebChris Messina
 
A Quick Introduction to YQL
A Quick Introduction to YQLA Quick Introduction to YQL
A Quick Introduction to YQLMax Manders
 
OpenID Bootcamp Tutorial
OpenID Bootcamp TutorialOpenID Bootcamp Tutorial
OpenID Bootcamp TutorialDavid Recordon
 
OpenID Authentication by example
OpenID Authentication by exampleOpenID Authentication by example
OpenID Authentication by exampleChris Vertonghen
 
OpenID Connect - a simple[sic] single sign-on & identity layer on top of OAut...
OpenID Connect - a simple[sic] single sign-on & identity layer on top of OAut...OpenID Connect - a simple[sic] single sign-on & identity layer on top of OAut...
OpenID Connect - a simple[sic] single sign-on & identity layer on top of OAut...Brian Campbell
 
An Introduction to OAuth 2
An Introduction to OAuth 2An Introduction to OAuth 2
An Introduction to OAuth 2Aaron Parecki
 
Securing RESTful APIs using OAuth 2 and OpenID Connect
Securing RESTful APIs using OAuth 2 and OpenID ConnectSecuring RESTful APIs using OAuth 2 and OpenID Connect
Securing RESTful APIs using OAuth 2 and OpenID ConnectJonathan LeBlanc
 
Saml vs Oauth : Which one should I use?
Saml vs Oauth : Which one should I use?Saml vs Oauth : Which one should I use?
Saml vs Oauth : Which one should I use?Anil Saldanha
 
OAuth 2.0 and Mobile Devices: Is that a token in your phone in your pocket or...
OAuth 2.0 and Mobile Devices: Is that a token in your phone in your pocket or...OAuth 2.0 and Mobile Devices: Is that a token in your phone in your pocket or...
OAuth 2.0 and Mobile Devices: Is that a token in your phone in your pocket or...Brian Campbell
 
Secure Your REST API (The Right Way)
Secure Your REST API (The Right Way)Secure Your REST API (The Right Way)
Secure Your REST API (The Right Way)Stormpath
 
How to Become a Thought Leader in Your Niche
How to Become a Thought Leader in Your NicheHow to Become a Thought Leader in Your Niche
How to Become a Thought Leader in Your NicheLeslie Samuel
 

Viewers also liked (12)

The Open, Social Web
The Open, Social WebThe Open, Social Web
The Open, Social Web
 
A Quick Introduction to YQL
A Quick Introduction to YQLA Quick Introduction to YQL
A Quick Introduction to YQL
 
OpenID Bootcamp Tutorial
OpenID Bootcamp TutorialOpenID Bootcamp Tutorial
OpenID Bootcamp Tutorial
 
OpenID Authentication by example
OpenID Authentication by exampleOpenID Authentication by example
OpenID Authentication by example
 
OpenID Connect - a simple[sic] single sign-on & identity layer on top of OAut...
OpenID Connect - a simple[sic] single sign-on & identity layer on top of OAut...OpenID Connect - a simple[sic] single sign-on & identity layer on top of OAut...
OpenID Connect - a simple[sic] single sign-on & identity layer on top of OAut...
 
An Introduction to OAuth 2
An Introduction to OAuth 2An Introduction to OAuth 2
An Introduction to OAuth 2
 
Securing RESTful APIs using OAuth 2 and OpenID Connect
Securing RESTful APIs using OAuth 2 and OpenID ConnectSecuring RESTful APIs using OAuth 2 and OpenID Connect
Securing RESTful APIs using OAuth 2 and OpenID Connect
 
Demystifying OAuth 2.0
Demystifying OAuth 2.0Demystifying OAuth 2.0
Demystifying OAuth 2.0
 
Saml vs Oauth : Which one should I use?
Saml vs Oauth : Which one should I use?Saml vs Oauth : Which one should I use?
Saml vs Oauth : Which one should I use?
 
OAuth 2.0 and Mobile Devices: Is that a token in your phone in your pocket or...
OAuth 2.0 and Mobile Devices: Is that a token in your phone in your pocket or...OAuth 2.0 and Mobile Devices: Is that a token in your phone in your pocket or...
OAuth 2.0 and Mobile Devices: Is that a token in your phone in your pocket or...
 
Secure Your REST API (The Right Way)
Secure Your REST API (The Right Way)Secure Your REST API (The Right Way)
Secure Your REST API (The Right Way)
 
How to Become a Thought Leader in Your Niche
How to Become a Thought Leader in Your NicheHow to Become a Thought Leader in Your Niche
How to Become a Thought Leader in Your Niche
 

Similar to An Introduction to OpenID

Implementing OpenID for Your Social Networking Site
Implementing OpenID for Your Social Networking SiteImplementing OpenID for Your Social Networking Site
Implementing OpenID for Your Social Networking SiteDavid Keener
 
Open id & OAuth
Open id & OAuthOpen id & OAuth
Open id & OAuthPaul Fryer
 
The Implications of OpenID
The Implications of OpenIDThe Implications of OpenID
The Implications of OpenIDSimon Willison
 
OpenID and decentralised social networks
OpenID and decentralised social networksOpenID and decentralised social networks
OpenID and decentralised social networksSimon Willison
 
Building the Social Web with OpenID
Building the Social Web with OpenIDBuilding the Social Web with OpenID
Building the Social Web with OpenIDSimon Willison
 
OpenID Tutorials
OpenID TutorialsOpenID Tutorials
OpenID TutorialsNao Haida
 
Rest Introduction (Chris Jimenez)
Rest Introduction (Chris Jimenez)Rest Introduction (Chris Jimenez)
Rest Introduction (Chris Jimenez)PiXeL16
 
OpenID @ Winterschool 2008
OpenID @ Winterschool 2008OpenID @ Winterschool 2008
OpenID @ Winterschool 2008scottw
 
Open Id, O Auth And Webservices
Open Id, O Auth And WebservicesOpen Id, O Auth And Webservices
Open Id, O Auth And WebservicesMyles Eftos
 
Authentication with zend framework
Authentication with zend frameworkAuthentication with zend framework
Authentication with zend frameworkGeorge Mihailov
 
OpenID in the Fedora Services
OpenID in the Fedora ServicesOpenID in the Fedora Services
OpenID in the Fedora ServicesPatrick Uiterwijk
 
Web Services with OAuth
Web Services with OAuthWeb Services with OAuth
Web Services with OAuthMarcus Ramberg
 
FOSSwire3 + OpenID
FOSSwire3 + OpenIDFOSSwire3 + OpenID
FOSSwire3 + OpenIDcvanp
 

Similar to An Introduction to OpenID (20)

Implementing OpenID for Your Social Networking Site
Implementing OpenID for Your Social Networking SiteImplementing OpenID for Your Social Networking Site
Implementing OpenID for Your Social Networking Site
 
Open id & OAuth
Open id & OAuthOpen id & OAuth
Open id & OAuth
 
The Implications of OpenID
The Implications of OpenIDThe Implications of OpenID
The Implications of OpenID
 
OpenID and decentralised social networks
OpenID and decentralised social networksOpenID and decentralised social networks
OpenID and decentralised social networks
 
Building the Social Web with OpenID
Building the Social Web with OpenIDBuilding the Social Web with OpenID
Building the Social Web with OpenID
 
Rails flavoured OpenId
Rails flavoured OpenIdRails flavoured OpenId
Rails flavoured OpenId
 
OpenID Tutorials
OpenID TutorialsOpenID Tutorials
OpenID Tutorials
 
Rest Introduction (Chris Jimenez)
Rest Introduction (Chris Jimenez)Rest Introduction (Chris Jimenez)
Rest Introduction (Chris Jimenez)
 
Lecture 20101124
Lecture 20101124Lecture 20101124
Lecture 20101124
 
OpenID @ Winterschool 2008
OpenID @ Winterschool 2008OpenID @ Winterschool 2008
OpenID @ Winterschool 2008
 
Open Id, O Auth And Webservices
Open Id, O Auth And WebservicesOpen Id, O Auth And Webservices
Open Id, O Auth And Webservices
 
The Open Web
The Open WebThe Open Web
The Open Web
 
Facebook_Oauth
Facebook_OauthFacebook_Oauth
Facebook_Oauth
 
Facebook_Oauth
Facebook_OauthFacebook_Oauth
Facebook_Oauth
 
Authentication with zend framework
Authentication with zend frameworkAuthentication with zend framework
Authentication with zend framework
 
OpenID in the Fedora Services
OpenID in the Fedora ServicesOpenID in the Fedora Services
OpenID in the Fedora Services
 
Risks With OpenID
Risks With OpenIDRisks With OpenID
Risks With OpenID
 
Web Services with OAuth
Web Services with OAuthWeb Services with OAuth
Web Services with OAuth
 
Openid+Opensocial
Openid+OpensocialOpenid+Opensocial
Openid+Opensocial
 
FOSSwire3 + OpenID
FOSSwire3 + OpenIDFOSSwire3 + OpenID
FOSSwire3 + OpenID
 

Recently uploaded

The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 

Recently uploaded (20)

The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 

An Introduction to OpenID

  • 2. What is OpenID? OpenID is a decentralised Single Sign On system for the web. An Introduction
  • 3. Why OpenID? Too many user names? Too many passwords? User name already taken? An Introduction
  • 4. What is an OpenID? An OpenID is simply a URI, e.g. http://mmanders.myopenid.com An Introduction
  • 5. So what? You can claim ownership of a URI. The ability to prove ownership of a URI can facilitate authentication. An Introduction
  • 6. How? You don’t authenticate to a site with credentials agreed on with that site. You authenticate with credentials agreed on with your ID Provider. An Introduction
  • 7. This sounds familiar! It’s Similar to Microsoft Passport. It’s different in that Microsoft doesn’t have ownership – you do! An Introduction
  • 8. This sounds familiar! It’s an open standard. The standard isn’t owned by any single organisation. You don’t have to seek Microsoft permission to implement it. An Introduction
  • 9. Who has ownership? You do! You pick an Identity Provider. Or implement the server-side yourself! An Introduction
  • 10. A brief demonstration An Introduction
  • 11. How does sign-up fit in? Augments the sign-up process. Doesn’t provide information; authentication only. Still need CAPTCHAs. An Introduction
  • 12. Where does sign-up fit? Simple Registration Extension provides lightweight exchange of profile information. Beyond the scope of this introduction. An Introduction
  • 13. How does OpenID work? Link tag on OpenID page. <link rel=“openid.server” href=http://www.myopenid.com/server /> An Introduction
  • 14. How does OpenID work? Relying party establishes a shared secret with Identity Provider using Diffie-Hellman key exchange. An Introduction
  • 15. How does OpenID work? HTML at URI is parsed to discover Identity Provider. An Introduction
  • 16. How does OpenID work? User is redirected to Identity Provider in order to authenticate. An Introduction
  • 17. How does OpenID work? User is redirected back to relying party and shared secret is used to guard against spoofed requests. An Introduction
  • 18. Can I use my own URI? Using delegation, you can use your own domain as your OpenID! An Introduction
  • 19. Can I use my own URI? Put the following link tags in the head section of your domain index page: <link rel=“openid.server” href=“<id_server”> /> <link rel=“openid.delegate” href=“<delegate url>” /> An Introduction
  • 20. Can I use my own URI? For example, until I implement my own server, I use: <link rel=“openid.server” href=http://www.myopenid.com/server /> <link rel=“openid.delegate” href=http://maxmanders.myopenid.com /> An Introduction
  • 21. Can I change providers? What if I don’t trust my provider? You can simply delegate authority to a different provider! An Introduction
  • 22. Further Reading… The Specifications: http://openid.net Wikipedia: http://en.wikipedia.org/wiki/OpenID Implementation Libraries: http://openidenabled.com Jan Rain: http://janrain.com/openid An Introduction
  • 23. Thank You! Max Manders http://maxmanders.co.uk [email_address] An Introduction