26 Matching Annotations
- Dec 2023
-
developers.google.com developers.google.com
- Nov 2023
-
developers.cloudflare.com developers.cloudflare.com
-
Cloudflare Access has a generic OpenID Connect (OIDC) connector to help you integrate IdPs not already set in Access.
-
- Jan 2023
-
info.orcid.org info.orcid.org
-
solidproject.org solidproject.org
-
-
developers.google.com developers.google.com
-
openid.net openid.net
- Dec 2022
-
www.windley.com www.windley.com
- Aug 2022
-
www.25hoursaday.com www.25hoursaday.com
- Apr 2022
-
simonwillison.net simonwillison.net
Tags
Annotators
URL
-
-
ldapwiki.com ldapwiki.com
- Feb 2020
-
en.wikipedia.org en.wikipedia.org
Tags
Annotators
URL
-
-
openid.net openid.net
-
-
wordpress.org wordpress.org
-
OpenID Connect
-
-
openid.net openid.net
Tags
Annotators
URL
-
- Mar 2019
-
-
A locally unique and never reassigned identifier within the Issuer for the End-User, which is intended to be consumed by the Client
I wonder why this ID must be "unique and never reassigned...within the Issuer". This effectively makes it a trackable ID if clients work together.
What would break if this ID is unique within the (Issuer, client) combination.
-
- Aug 2018
-
www.lifewithalacrity.com www.lifewithalacrity.com
-
a self-elected “rogue” state
A singular description of Facebook.
-
Unfortunately, powerful institutions co-opted their efforts and kept them from fully realizing their goals.
Very clear assessment of what happened to OpenID.
-
- Apr 2016
-
hueniverse.com hueniverse.com
-
A delegated solution means that one site is simply outsourcing its authentication needs to another pre-selected site. If your site uses Facebook Connect, you are delegating your authentication facilities to Facebook. Visitors to your site cannot use any other accounts, only accounts from the vendors you have pre-selected. A federated solution means that visitors to your site can use any account they have, as long as it is compatible. It makes no difference to the site which account is being used, as long as it can interoperate. At its core, OpenID is a federated solution because its most important feature is the ability to use any OpenID account with any OpenID-enabled service. A good example is stores accepting credit cards. A store that accepts any Visa card is using federated payments – payments from any account that “speaks Visa”. But a store that accepts only credit cards issued by a specific vendor, for example, a department store branded card, use delegated payments. The reason why you no longer see many stores accepting only their own credit cards, is because it is bad for business. But not every OpenID implementation is federated, and this is the big dilemma OpenID has to resolve. The question is, can users use any account they want? If a site uses the Yahoo! OpenID service by using the Yahoo! button: but does not offer the ability to use other vendors, it is really just another delegated solution, even if it is powered by OpenID under the hood. In this case, OpenID becomes just a technical detail of the implementation, not part of its design. Much of the recent discussion about OpenID usability centers around using brands as a way to make the service more usable. But the problem with this approach is that is takes away most of the federated value out of OpenID, leaving it simply as a common protocol to implement proprietary delegated services. When implemented this way, OpenID adds no real value to services with an OAuth API. The question which solution to use for sign-in, OpenID or OAuth, is very much application specific. If you are building a brand new site that needs accounts, and want to leverage existing accounts from services such as Google, Yahoo!, and Microsoft, OpenID is a great option that will give your users a lot of flexibility. But if you are extending an existing service, implementing a specific API and building a site that has great dependencies on another service, OAuth gives you everything you need, for very little extra work. It is all about using the right tool for the job.
-
- Mar 2015
-
openid.net openid.net
-
OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol.
lol @ "simple"
-