OpenID best practices

Jump to: navigation, search


Best practices for sites that support OpenID (both providers and consumers).

See also: web-sign-in

OpenID providers

With a little bit of microformats support, OpenID providers can make their user identity URLs much more useful for their users.

In order of both importance and perhaps ease of implementation as well:

  1. Provide a user URL field and link to it with rel-me. Many (most?) users already have at least one other identity on the web, profiles, social network related, their own blog(s) etc. By providing a URL field for the user to link to their blog or other profile, you help enable users to explictly and visibly connect their OpenID identity URL with their existing online identity. Numerous sites allow users to link to at least one other profile URL.
  2. Markup a user's identity URL with hCard for their name, URL, email etc. and any other information about themselves they choose to make public on their identity URL. Several OpenID providers already do this, see: OpenID providers with hCard marked up profile pages.
  3. Provide multiple URL fields for a user to publish many links to "other profiles" of theirs. Several sites are doing this already, see services that enable users to list links to multiple other profiles.
  4. Markup a user's friends list with XFN. If your provider's user identity URLs also list users' friends lists, mark those up with XFN.
  5. Link to a separate XFN friendslist with rel-me. If instead your provider user identity URLs links to a users' friends lists, mark up that link with rel-me to assist autodiscovery of a friends list from an OpenID user identity URL.

OpenID consumers

OpenID consumers could consume hCard user profiles in addition to OpenID identity URLs, not for authentication, but rather to accelerate both sign up processes, and through profile syndication of those external hCard profile(s).

related

OpenID best practices was last modified: Thursday, November 14th, 2013

Views