tags:

views:

36

answers:

1

Will ClaimedIdentifier be changed?

I'm planning to store ClaimedIdentifier as a lookup field in my user data table. Will it become any problems in the future? I'm a bit worry.

eg:

var openid = response.ClaimedIdentifier.ToString();

It gives me the value: "https://www.google.com/accounts/o8/id?id=xxxxxxxx-e-xxxxxxxxxxxxxxxxxxxx"

I'm not quite sure to use this for looking up user in the datatable.

Many thanks.

Daoming.

A: 

Yes! You should use ClaimedIdentifier for the persistent identifier of a user, absolutely. That long URI you see in it is stable and the correct thing to store.

That said, be aware that Google uses true "directed identity" which means if you ever change the realm of your OpenID RP (usually this means the domain name of your web site) Google will send a different URL for all your existing users. So if you think that could ever happen to your site, you may want to also store the email addresses of your users so that you can correlate them again later. But that requires that you verify the email addresses, and you have to choose which Providers you trust emails from (probably just Google and Yahoo, and only when they provide email addresses ending with the domains they control), yada yada. It's a pain. So just don't change your domain name. :)

Andrew Arnott
Thank you man. kaka..
Daoming Yang