We're using an API from a provider; in their next version, they would provide an OpenId server but mostly the users are using their desktop application. An other website we're building would be opened from this application and we supposedly would connect with openid to access the resources stored in this provider.
Still I don't understand how this would work if user is already authenticated with the desktop, will they have to authenticate an other time ? What happens if they close their browser and reopen it, will they have to to do it again ?