Comments on: Enabling your application for return URL verification

By: cakebaker

cakebaker — Sun, 31 Jan 2010 16:17:14 +0000

@George: As far as I know they don’t support SReg and you have to use Attribute Exchange to retrieve the respective data.

By: George E.

George E. — Sat, 30 Jan 2010 17:41:13 +0000

I finally fixed it. I think there was a problem with the XML markup in the Yadis file. Now if only SReg would work with Yahoo…

By: cakebaker

cakebaker — Sat, 30 Jan 2010 15:34:00 +0000

@George: It seems like you could fix it in the meantime, at least I don’t get a warning when I log into your app with Yahoo.

By: George E.

George E. — Fri, 29 Jan 2010 03:52:46 +0000

Hey. Great article… except I can’t get it to work. My site is at http://openid.quickmediasolutions.com and it still gives that warning when I sign on with yahoo. The yadis document is at http://openid.quickmediasolutions.com/yadis.php and when I check the server logs, yahoo is indeed finding it and requesting it. But I still get the warning. Any ideas?

By: AddressBoy

AddressBoy — Fri, 28 Mar 2008 14:58:13 +0000

very useful, thanks!

By: Brendon Kozlowski

Brendon Kozlowski — Fri, 21 Mar 2008 00:50:15 +0000

Dan, thank you *very, very* much!

By: cakebaker

cakebaker — Thu, 20 Mar 2008 15:52:58 +0000

@Brendon: Thanks for your questions!

1.) OAuth allows you to authorize a website to access your data from an other website. For example, if you want to have prints of your private photos on Flickr, you could authorize a print service to access those photos, without giving the print service your Flickr credentials.

So the difference to OpenID is, that OAuth is about authorization (“what can he do?”), whereas OpenID is about authentication (“who is it?”).

Hope that is clear enough ;-)

2.) For the consumer part you may try http://www.plaxo.com/api/openid_recipe, for the provider part I am not aware of such an article. You also may have a look at the examples which come with the JanRain OpenID library.

By: Brendon Kozlowski

Brendon Kozlowski — Tue, 18 Mar 2008 18:36:55 +0000

Dan, I’ve been reading about how everyone and their uncle (well, in the developers’ circle of family) has been using and implementing OpenID, and to a lesser degree (though I’d expect it to gain more ground as OpenID did) OpenAuth. Since it seems you’ve been working with it quite a bit…

1.) What is (and is the diiference between OpenID and) OpenAuth exactly, in layman’s terms?

2.) Do you know of any references (sites, articles or otherwise) that discuss how to implement OpenID from start to finish (simple is fine)? I’ve only ever seen bits and pieces of code examples, but never a full implementation example.