Joseph Boyle who came to our identity panel at sxsw and then joined us for lunch has been sharing with me some of his OpenID challenges. These happen all the time – ALL THE TIME. Thing is – he is a tech guy and he still can’t get any of this to work. I asked him to document his challenges so I could share them with you – he sent this to me and O’Reilly tech folks (that was where he was trying to login)… I am hoping that these UI issues can be resolved soon.
I was going to sign up at:
https://en.oreilly.com/webexsf2009/user/account/signup/attendee#
and saw a Sign up with an OpenID option. Since I’m interested in OpenID, I thought I’d try to use an OpenID associated with one of my Yahoo or Google accounts, but this is proving more difficult than I expected.
I did manage to find Yahoo’s page for turning on OpenID support for my Yahoo account and did this, getting response:Feeling geeky?When you log in to a website that supports OpenID login we’ll send your OpenID identifier to the website so it can identify you.To make things easy, we have generated this identifier for you:https://me.yahoo.com/a/T_HpXDQkssQpI_sR……………………..
You don’t need to save this identifier. While logging in to websites, you can simply look for a Yahoo! button or typeyahoo.com in the OpenID text field. You can also choose additional custom identifiers for your Yahoo! account below.Not geeky enough, apparently, as pasting the Yahoo-provided identifiers into your OpenID box gives errors:
Unable to find OpenID server for ‘https://me.yahoo.com/a/T_HpXDQkssQpI_sR…………………….’Unable to find OpenID server for ‘http://www.flickr.com/photos/josephboyle’
Help! What am I doing wrong? Thanks, Joseph Boyle
OpenID is certainly a little non-intuitive. I made the following site as a test-bed for consuming OpenIDs http://foolstr.com and YES you can literally just type in yahoo.com or pick yahoo.com from the identity selector and then (if the stars aligh) you’ll be redirected from foolstr to yahoo and back where upon you’ll be logged in.
Since it’s a test bed, I capture NO personally identifiable information such as email or name so feel free to play with it and familiarise yourself with openID.
On the same note and even MORE complicated (but vastly more secure) is Cardspace which uses WS-Federation/WS-Trust under the covers. This one is very tough to explain and again I’ve setup a test harness which you can play with here:
http://francisshanahan.com/cardspace
Again, no personally identifiable information is captured so feel free to play with these.
All I ask is that if you find them useful or have feedback to let me know. It’s a brave new identity world out there and we need stuff like this to “take the edge off”.
Regards,
-fs
http://francisshanahan.com
I’ve had good luck using Verisign’s Personal Identity Portal as an OpenID provider. I also like the two factor authentication you get with one of their free mobile credentials for iPhone, Blackberry, and others.