tags:

views:

87

answers:

2
Q: 

facebook with openid

Referencing http://stackoverflow.com/questions/1827997/is-facebook-an-openid-provider here. This is kind of an additional question based on it.

I have also read the article at : http://stackoverflow.com/questions/2264266/what-is-the-openid-url-of-facebook - but I am still pretty confused on the whole ordeal. The goal is for people who use facebook to easily login to our website, not to neccessarily integrate with facebook and add things to it (yet). I have read the documentation on facebook connect and am still having trouble grasping exactly what we need to do to accomplish this.

I notice that it says that facebook accepts openid logins - so in theory someone with a facebook account could login to a site that took other openid logins, correct? Or do I have to code a separate 'facebookconnect' system just to accept logins from facebook accounts?

+2  A: 

There is a difference between an OpenID provider (who gives you a URL you can log into other sites with) and an OpenID consumer (who lets you log into their site using an OpenID URL).

Someone who "accepts openid logins" sounds like a consumer, but your description "someone with a facebook account could login to a site that took other openid logins" is describing a provider.

There's nothing stopping a site being both a consumer and a provider, but as far as I know, Facebook isn't one.

Gareth  2010-04-07 15:29:46
I believe we are aiming to be a consumer. We have implemented a basic DotNetOpenAuth relying party login that takes Google, OpenID, MSN, Yahoo, and AOL so far. The user clicks the button for whichever service they have an account for, is taken to that providers authentication page, and returned to our website logged in.
Stacey  2010-04-07 15:35:07
So I'm still unsure of what to do from here. So using OpenId, we cannot let facebook users login to our site?
Stacey  2010-04-07 15:51:26
You are right, you cannot. Facebook is not an OpenID provider, so you can't login with Facebook account to Stack Overflow or to your site.
wRAR  2010-04-07 19:33:19
+1  A: 

You have to code a separate "Facebook Connect" system just to accept logins from Facebook accounts, they do not use the OpenID standard.

RPX is a commercial service that offers a way to cut down on some of the confusion.

keturn  2010-04-07 19:30:36
Unfortunately I haven't been able to get RPX to work. Their examples do not work at all, and I have not been able to find any kind of support.
Stacey  2010-04-08 01:22:48
Well, so much for that plan then. I guess you'll be needing to do facebook connect integration. If you've already done OpenID, it shouldn't be too hard. The protocols are different, but many of the necessary workflow elements and abstractions are the same.
keturn  2010-04-08 04:21:43

related questions

how to get login credentials by openId?
OpenID Migration
PHP Tutorial for OpenId and OAuth
OpenID login workflow?
OpenID support for Ruby on Rails application
Using OpenID for both .NET/Windows and PHP/Linux/Apache web sites
What is the benefit of using ONLY OpenID authentication on a site?
Problems with migrating Cardspace cards between computers
secure way to authenticate administrator in ASP.NET site using OpenID with DotNetOpenID
How do I enable open id on a Java Webapp?
What would it take to make OpenID mainstream?
What's the best .NET library for OpenID and ASP.NET MVC?
Useful browser plugins for openid authentication?
How do I implement an OpenID server in Rails?
How do I implement OpenID in my web application?
Why is HTML form redirection used in OpenID 2?
How do you set up an OpenID provider (server) in Ubuntu?
OpenID as a Single Sign On option??
Should my website abandon username/password authentication in favor of OpenID?
OpenID authentication in ASP.NET?
Open ID - What happens when you decide you don't like your existing provider?
OpenID authentication in Ruby on Rails
OpenID Attribute Exchange - should I use it?
OpenID: which provider should I recommend to my users?
How do I use more than one OpenID?