Feed Sign in with OpenID OpenID

Simon Willison’s Weblog

How to turn your blog in to an OpenID

Wouldn’t it be great if you could use the same account to log in to multiple sites and applications, without having to trust them all with your password? Wouldn’t it be even better if you could do this without having to hand ownership of your online identity over to some monolithic third party? (I’m looking at you, .NET Passport Microsoft Passport Windows Live ID.)

The good news is, you can! OpenID is a decentralised authentication system invented by LiveJournal but now being developed as an open standard under the careful mentorship of the Apache Software Foundation. Anyone can create an OpenID, and the number of sites which let you log in with one is growing by the day.

An OpenID is simply a URL. My OpenID is simonwillison.net, the address of my weblog. I can use it to sign in to any site that supports OpenID, and because I’m the only person with control over my weblog’s homepage I’m the only person who can use that identity.

If you want your own OpenID (and you should), here’s how to get one.

1. Sign up with an OpenID provider

OpenID is decentralised, which means that anyone can set themselves up as an OpenID provider. You can run your own server if you want to (phpMyID is one way of doing that) but there are a number of free services that will host an ID for you. Those include:

  1. LiveJournal. They invented it, and if you have a LiveJournal account you already have an OpenID—it’s the URL of your journal. I’m swillison.livejournal.com.
  2. Vox—Six Apart’s sexy new social network thang. I’m simon.vox.com.
  3. VeriSign Labs, who have done some excellent work around OpenID and run a provider as part of their Personal Identity Provider service. I’m swillison.pip.verisignlabs.com.
  4. MyOpenID, run by JanRain, authors of the most widely used OpenID libraries. I’m swillison.myopenid.com.

If you already have an account with Vox or LiveJournal you can skip straight to step 2. If not, pick the provider that you trust the most and create an account there. This isn’t a permanent decision: you can move provider at any time without losing your account, provided you follow step 2.

2. Point your own site at your new OpenID

Here comes the magic. Having picked your provider and created an OpenID there, edit the HTML of your weblog’s homepage (or indeed whichever URL you want to use as your personal OpenID) and add the following to the document <head>:

<link rel="openid.server"
  href="http://www.livejournal.com/openid/server.bml">
<link rel="openid.delegate"
  href="http://swillison.livejournal.com/">

Replace the openid.delegate href with the OpenID at your provider, and the openid.server href with that provider’s OpenID server. You can find the server by viewing source on your OpenID page there, or by using this table:

OpenID ProviderServer URL
LiveJournal http://www.livejournal.com/openid/server.bml
Vox http://www.vox.com/services/openid/server
VeriSign https://pip.verisignlabs.com/server
MyOpenID http://www.myopenid.com/server

This delegation mechanism is key to OpenID’s status as a truly decentralised authentication system. If you decide you no longer trust your identity provider you can switch to another one by just editing a couple of lines of HTML—your OpenID will stay the same.

3. Log in to something!

Now that you have an OpenID, you can use it to log in to all sorts of sites. Find their OpenID login form and enter your new OpenID—that’s the URL of your weblog. You will be redirected to a page on your identity provider which will either ask you to log in or ask you to authorize the site to use your identity. Click “Yes” and you’ll be sent back to the original site and magically logged in—no password required.

I’ve been collecting a list of sites that allow you to log in using OpenID under the openidconsumer tag; sites you may have heard of include Ma.gnolia, Zooomr and Wikitravel.

OpenID on simonwillison.net

This whole entry is a round-about way of announcing the addition of OpenID support to my weblog engine. You can sign in here; once signed in you’ll be able to leave comments with a pretty OpenID logo (proving that they came from you) and track recent comments that you’ve posted on the Your Comments page. I’m working on adding other functionality for logged-in users such as the ability to edit your own comments or for trusted users to flag comment spam.

This kind of light-weight account mechanism is one of the things that makes OpenID so interesting. I doubt I could convince anyone to create a new account just to access a few features on my weblog, but if they already have an OpenID the overhead of logging in is small enough that I’m hopeful at least a few people will give it a go.

As always, report any bugs in the comments.

Update: I’ve created a screencast showing how to use OpenID.

Posted 19th December 2006 at 11:37 am

This is How to turn your blog in to an OpenID by Simon Willison, posted on 19th December 2006.

Tagged , , , , ,

View blog reactions

Next: Why JSON isn't just for JavaScript

Previous: Finally powered by Django

142 comments

  1. There's masses of potential with OpenID, and I think once people get their heads around the process flow we'll start to see implementations grow in number.

    Getting user acceptance is another hurdle - but hopefully not an insurmountable one.

    Drew McLellan - 19th December 2006 12:15 - #

  2. The biggest hurdle appears to be explaining what it is and how it works - just putting this blog entry together took quite a bit of head scratching, and I'm still not sure I got the right angle on it.

    Simon Willison - 19th December 2006 12:22 - #

  3. This is pretty cool. Although I must admit to not fully understanding it :) If I don't *get it*, I'd be concerned that most of the people I know won't.

    Getting the big boys to provide it is important - I'm thinking MySpace, Facebook, YouTube - these have some of the biggest communities outside of the IM networks (what happened with Yahoo! opening up potentially one of the largest user bases online?)

    Mark S - 19th December 2006 12:27 - #

  4. Yahoo! launched BBAuth a while back, which is similar to OpenID in that it lets Yahoo! users sign in to your application - the difference is that the only information it gives you is a userhash (unlike OpenID which at least gives you a URL) and it's centralised around Yahoo!'s authentication servers.

    Simon Willison - 19th December 2006 12:32 - #

  5. I've been meaning to look into Open ID for a while but never quite got around to it. Thanks for this quick intro...can we have a equally quick intro to how to implement it in applications?

    I'm lazy, sorry, but it would be good to know as you've obviously already done the legwork.

    Great post though, cheers!

    Dan Webb - 19th December 2006 12:41 - #

  6. Dan: I'll try to post something about that in a day or two.

    Simon Willison - 19th December 2006 12:43 - #

  7. Good short introduction to the matter. I agree it is a great mechanism to stop you from having to remember hundreds of logins.

    Chris Heilmann - 19th December 2006 12:53 - #

  8. It's not a smooth and quick process to set up an account, and most people don't have sites (I'm guessing), but I like the concept.

    Dave Child - 19th December 2006 13:12 - #

  9. Great blog post! I've set up an OpenID with myopenid.com (tried Vox first but couldn't get it to work with Zoomr login). I had seen OpenID discussed before, on Slashdot, but it wasn't explained very well and I dismissed it after a short look. But as it's free and open, there's no excuse not to give it a try.

    I really like that you can use your website to delegate to your actual server, giving you a easy URL to remember. I can see OpenID being a good idea for businesses, perhaps running an OpenID server for their employees.

    Now all I need are some websites I actually use to support it.. :P

    Bruce Boughton - 19th December 2006 13:53 - #

  10. Logging in using my blog (http://groovymother.com/) which delegates to a self-hosted phpMyID didn't work. Not clear which end failed.

    However, logging in with my iName worked a treat. Hurrah!

    Rod Begbie - 19th December 2006 13:58 - #

  11. Oops, I didn't take iNames in to account - will have to fix the template not to render them as links.

    Simon Willison - 19th December 2006 14:08 - #

  12. My self-hosted OpenID allegedly gives out my nickname and my full name, but your comment form still asks for my name anyway. Bug on my side or yours?

    Mark - 19th December 2006 14:30 - #

  13. That's my bug: I haven't integrated any of the identity discovery stuff yet - just basic authentication. I've set it up so that if you've commented before it will pre-populate with the name that you used in your last comment though.

    Simon Willison - 19th December 2006 14:54 - #

  14. (Aside: having load issues at the moment so I've turned on full page caching - this means comments may take up to two minutes to show up.)

    Simon Willison - 19th December 2006 14:58 - #

  15. Wow, Simon -- this is fan-freeking-tastic.

    I especially like the "signed in as" with the OpenID logo at the top; it's a neat reminder.

    I'm assuming you did this as a custom Django auth backend -- any chance you want to share the code?

    Jacob Kaplan-Moss - 19th December 2006 14:59 - #

  16. I'll definitely share the code - it's actually decoupled entirely from the auth stuff at the moment (I don't even use sessions; I'm using a signed cookie instead) but I'm going to add a way of hooking an OpenID up to a proper site account at some point.

    Simon Willison - 19th December 2006 15:02 - #

  17. Sweet!

    Hurrah for the network effect - the more blogs supporting OpenID the better :)

    Jason Davies - 19th December 2006 16:00 - #

  18. So, as a non-openid user, it's about 5 steps too many to create an account.

    What is the one easy way to tell my user (Johnny NoWebsite) to get an account?

    Bill Mill - 19th December 2006 16:17 - #

  19. Bill: OpenID isn't a replacement for your own account system. If it's too complex for your users, just give them a regular sign-up process and have them create accounts with usernames and passwords on your site. Then have an option for users who understand OpenID to associate their OpenID with their account and log in with their OpenID instead of having to remember their password.

    Simon Willison - 19th December 2006 16:27 - #

  20. I think it would be worth it to me if I could delegate all of my auth responsibilities to OpenID, but that it's too small of a benefit for me to implement just so that a few of my users don't need to remember a new password for my site.

    It should be easy as pie for a user to get an OpenID and then be able to sign in on any OpenID-enabled site. (Like a distributed typekey (http://typekey.com))

    I'll enable comments on my site again once something like this is easy to use.

    Bill Mill - 19th December 2006 16:39 - #

  21. It's pretty easy to sign up for an OpenID with somewhere like www.myopenid.com. Surely just as easy as signing up for a typekey...

    Jason Davies - 19th December 2006 16:45 - #

  22. Jason: That's exactly what I was looking for, and it worked like a charm. Sweet! (gets to hacking...)

    Bill Mill - 19th December 2006 17:12 - #

  23. Good stuff.

    JonD - 19th December 2006 17:18 - #

  24. Dave Child: You don't need to own a site or a domain. Just use the URL the IdP provides (someone.provider.net).

    sessy - 19th December 2006 17:29 - #

  25. Works like a charm. I'm a big fan of OpenID: Thanks for supporting it.

    Reginald Braithwaite - 19th December 2006 17:43 - #

  26. Nice info - thanks Simon. I like the idea of using OpenID to validate user comments.

    It seems to me that we blindly trust that people posting comments are who they say they are - much potential for damaging someone's reputation. OpenID seems like a good solution.

    Ed Eliot - 19th December 2006 18:15 - #

  27. Very cool. Thanks for the post!

    Brian Ellin - 19th December 2006 18:15 - #

  28. Good Job!!!

    Chang - 20th December 2006 00:15 - #

  29. This is awesome! Thanks for posting this. I've been trying to wrap my brain around for a while, and I think I'm finally starting to understand it.

    You've just convinced me to implement OpenID in my next Django project. :)

    Daniel - 20th December 2006 00:31 - #

  30. AuthKit now has full OpenID support too so anyone who wants to use Python to add OpenID to their blog too can use AuthKit to do just that!

    James Gardner - 20th December 2006 02:54 - #

  31. Regarding iNames, you can still render them as links. Just use the XRI resolution format: http://xri.net/=whatever. I logged in w/ my OpenID, but my iName is =trei and so the url is http://xri.net/=trei. More info about all that at http://xri.net.

    Trei Brundrett - 20th December 2006 03:24 - #

  32. For big dummies like me, you might want to specify in Step #2 that the code goes in the header of your Web page.

    Thanks for the writeup, though, very straightforward. -- Joe

    joelogon - 20th December 2006 04:00 - #

  33. This is great! I just created an open id account and signed into your website ... I think it worked, but it's hard to tell b/c I still see the 'Sign in with OpenID' link above the comments section. Either way, I'll be looking into this more and trying to promote it - it's a great idea. Thanks for the post!

    Kevin - 20th December 2006 05:44 - #

  34. Simon,
    This is waaay cool. I was looking at this only the other day for my own django site ;)

    I used my verisign pip to login (their log says it authorised) but I still see the 'Sign in with OpenID' link. Buglet?

    Tony - 20th December 2006 07:24 - #

  35. Technorati supports OpenID too, both as a way to sign in, and using the Technorati profile URL as an ID source

    Kevin Marks - 20th December 2006 07:40 - #

  36. Much like Tony, I'm seeing the "Sign in with OpenID" after attempting to sign on through various OpenID endpoints.

    Scott Johnson - 20th December 2006 07:53 - #

  37. I think I broke OpenID sign-ins here when I was switching web servers. I'll get it up and running again today.

    Simon Willison - 20th December 2006 08:21 - #

  38. don't forget about http://getopenid.com

    it's a registrar that's SSL-enabled for extra security

    Aaron - 20th December 2006 08:24 - #

  39. OpenID sign-in should be working again. I'm hopefully a lot more resilient to traffic now as well.

    Simon Willison - 20th December 2006 10:59 - #

  40. Actually more information could be obtained @

    http://en.wikipedia.org/wiki/OpenID
    http://openid.net/

    Demiurg - 20th December 2006 11:00 - #

  41. Now it works perfectly :) Yesterday I couldn't logging into your blog using my OpenID :(. Great job Simon

    Regards from Spain!

    Alfonso Jiménez - 20th December 2006 11:53 - #

  42. Oh, hell there. Nice to see more OpenID adoption. Please keep up with your "evangelism" work.

    Ivo Emanuel Gonçalves - 20th December 2006 13:50 - #

  43. Hmmm... I was trying to get phpMyId working, but it didn't work for me (yes, I did hash the password as the instructions said to). I'm currently trying out MyOpenID, and it seems to be quite nice. Thanks for the excellent article! :)

    Daniel15 - 20th December 2006 14:49 - #

  44. Thanks Simon! This is a well written HOWTO. I have to admit, I didn't totally understand OpenID until implementing it after reading your post. I did make one minor change though. Adding a slash to the links (<link rel ... />) makes them XHTML compliant. Thanks also for the link to phpMyID, it is easy to set up and seems to be working well.

    jpreardon - 20th December 2006 14:58 - #

  45. Great, but I believe that email providers plus google-microsoft-and-so must take part in this OpenID, or it is going to be vaporware.

    Manuel Gonzalez - 20th December 2006 17:08 - #

  46. Thank you for taking the time to write an intro that a slightly-less-techie person can understand.

    Your next task: So, in 10 words or less, what IS Web 2.0?

    (runs away)

    Husey - 20th December 2006 18:00 - #

  47. Thanks for the clear instructions. This is my first login with my new OpenID.

    Jason Clark - 20th December 2006 18:42 - #

  48. Ah, excellent, Simon.

    A great post and lots of new adopters it seems found you as well.

    Thanks, and congrats,

    Terrell
    http://claimID.com

    Terrell Russell - 20th December 2006 19:02 - #

  49. ^^

    nhan - 21st December 2006 03:07 - #

  50. Very very cool simon. I just translated your post on my journal. Think it will help french users and I hope you don't mind. If so just drop me a mail or a comment. Thanks.

    Christophe Ducamp - 21st December 2006 11:05 - #

  51. Thanks for pushing me over the edge. I had OpenID (client and server) running on my Wordpress blog but then changed themes and it went kaflooie. So I've bitten the bullet and gotten an account on JanRain's myopenid and now I'm delegatin'. That solves the server part but I'm back to square one on the client...

    Bill - 21st December 2006 14:40 - #

  52. Nice explanation. As others have said, what we need now are some of the big beasts in the tech jungle to take it up. Of course, my blog isn't enabled yet...

    Chris Rimmer - 21st December 2006 16:40 - #

  53. This is pretty interesting. I was able to sign in to post a comment using my Vox OpenID! Technology gets cooler and cooler every day.

    As far as I can tell, LiveJournal allows comments using OpenID, but you can't yet add comments to Vox posts using an OpenID. Am I missing something?

    Ben Gertzfield - 21st December 2006 17:21 - #

  54. yay for OpenID! :)

    Max Howell - 21st December 2006 18:46 - #

  55. i-name support works as well with an edited SEP file on 2idi...

    Avery Glasser - 21st December 2006 19:23 - #

  56. Good post, very interesting.
    Let's hope more and more platforms start embracing OpenID soon: right now it is quite hard to find a website to test you brand new id :P

    Simbul - 21st December 2006 20:37 - #

  57. Thanks for this extremely helpful post. Now I understand how to use OpenID.

    Neville - 21st December 2006 23:06 - #

  58. Thanks for getting the i-names stuff to work. I am super jazzed OpenID is happening...I can't wait for more blogs to have it. I will finally be willing to comment on peoples blogs.

    Kaliya - 22nd December 2006 02:17 - #

  59. You realize the link doesn't resolve? All you have to do is put http://xri.net/=kaliya for a link and it gets to my contact page.

    Kaliya - 22nd December 2006 02:19 - #

  60. Nice. I would like to to translate this post into Chinese. Thanks.

    Feir - 22nd December 2006 03:15 - #

  61. You might want to note that <link>s must be placed in the <head> for OpenID servers to be able to find them. Currently you just say "edit the HTML". Working great here after that change though :)

    Seth Kinast - 22nd December 2006 03:47 - #

  62. Bonjour Simon.

    How about adding claimid as a nice OpenID provider (server http://openid.claimid.com/server) ?
    <pre>
    <link rel="openid.server" href="http://openid.claimid.com/server" />
    <link rel="openid.delegate" href="http://openid.claimid.com/xtof" />
    </pre>

    Think I'll hack the french translation - if you don't mind ;) Happy Xmas

    Christophe Ducamp - 22nd December 2006 07:30 - #

  63. Bonjour Simon.

    How about adding claimid as a nice OpenID provider :

    openid.server : http://openid.claimid.com/server

    openid.delegate : http://openid.claimid.com/xtof

    Ready to add that to the french translation (http://xtof.livejournal.com/3305.html) if you don't mind.

    Cheers & Happy Xmas

    Christophe Ducamp - 22nd December 2006 07:36 - #

  64. Thanks Kaliya; I've fixed up i-names to provide a proper link. Othen than doing that I didn't have to do any extra work to support them - the JanRain Python OpenID library provides that for free.

    Seth: I've updated the entry to reflect that; thanks.

    Feir: Go ahead!

    Simon Willison - 22nd December 2006 09:23 - #

  65. Thanks for the post, made me create an OpenID.

    Arnaud Leene - 22nd December 2006 10:41 - #

  66. Despite me setting up an Open ID with claimid.com account a good few months back, this is the first time, this is the first time I've actually used it.

    The usage seem pretty simple from a consumer end. Are there any idiot-simple, blogger style three step illustrations explaining how non tech savvy people would use it?

    Currently, finding out about, involves trawling through a fair amount of dense text, which is pretty off putting for casual users.

    Chris Adams - 22nd December 2006 13:44 - #

  67. Well this is the first time I've signed in with OpenID. Love it, can't wait until everything uses is, hurrah, no more passwords!!

    Neil Edwards - 22nd December 2006 13:47 - #

  68. Sort-of response (not by me):
    http://adamcaudill.com/2006/12/21/openid-id-of-the -future/
    Related reddit thread:
    http://programming.reddit.com/info/vpc5/comments

    Jeremy Dunck - 22nd December 2006 14:16 - #

  69. Thanks for putting this together. My main problem is that not enough sites use it. Hopefully, your information will help break the chicken and the egg problem. Cool that you put your screencast up on the archive as well. Cheers!

    BeatriceM - 23rd December 2006 05:31 - #

  70. Thanks, Simon.

    Marie - 23rd December 2006 06:31 - #

  71. When I tried to use this, I signed up with Verisign, however when I try to use the delegate with my own OpenID, it redirects properly to Verisign, but then Verisign's site says:

    "You do not own myid.pip.verisignlabs.com. Please login with an account that owns this url."

    Even though at the top of the Verisign page it says logged in as me, and my identity URL is correct as myid.pip.verisignlabs.com

    Maybe Verisign's the only provider that has this problem?

    Steve - 23rd December 2006 13:48 - #

  72. This is great except it also puts the onus of security on the OpenID holder. While it's very convenient to create your own OpenID by just adding two links on your HTML page, that also means now that page needs to be very secure. If someone can easily edit your HTML, they can simply redirect your login and you're screwed. Same goes for the OpenID providers, if any of them slacks on security, you have now broken your identity on multiple sites. Also, these providers (at least Verisign) shows you all past activity, so if someone can break into that provider, they can instantly see all the sites you are using with that OpenID, making exploitation even easier. I think this is a great concept, but I'm surprised he doesn't mention the security issues that this creates. It's one thing to worry about whether the provider goes out of business, but it's another to recognize how easy it is to exploit. That's a benefit of a strong master who has very tight security controls in place.

    Steve - 23rd December 2006 13:58 - #

  73. VOX provider isn't working with the delegate trick either, what's going on?

    Steve - 23rd December 2006 14:07 - #

  74. Ok, I think I figure out the issue. In the delegate, you must put the full http protocol around your delegate name. However, when you sign in with OpenID (at least on the sites I tried), you do not need to put the http around the delegate name. To be safe, you can just put http around everything, even when you sign in.

    Steve - 23rd December 2006 14:28 - #

  75. Ok, I think I figure out the issue. In the delegate, you must put the full http protocol around your delegate name. However, when you sign in with OpenID (at least on the sites I tried), you do not need to put the http around the delegate name. To be safe, you can just put http around everything, even when you sign in.

    Steve - 23rd December 2006 14:28 - #

  76. Worked pretty well, thanks for the info!

    The_Decryptor - 23rd December 2006 14:31 - #

  77. just testing out something for The_Decryptor

    karl - 23rd December 2006 14:41 - #

  78. Neither zooomr [ http://beta.zooomr.com/login/ ] nor simonwillison.net like how http://cdn.cx/ presents itself - yes, I know there's nothing there. I didn't have <head> and </head> until five minutes ago ...

    Chris Neale - 23rd December 2006 14:46 - #

  79. Hm, seems to work!

    Red - 23rd December 2006 15:12 - #

  80. It would be great if Firefox had an OpenID login field. It would make the entire browsing experience seamless!

    Liono - 23rd December 2006 19:07 - #

  81. Cool stuff Simon, I've had ClaimID a while but I'm up and running with OpenID too. I guess I'll need to hunt down a WordPress plugin now for my regular commenters.

    Karl - 23rd December 2006 20:43 - #

  82. OpenID is a great idea but it needs some sort of megasite to support it before it will become very mainstream. I'm thinking digg, Joystiq/Engadget/that network, or some other site that has a mass following.

    Great screencast too, helped me see exactly how to do things.

    Billy Presley - 23rd December 2006 23:32 - #

  83. Thanks for the fantastic tutorial! I was wondering how to get this to work with my blog, didn't realise your own OpenID server wasn't needed. Nice one!

    Glad to see you doing more "this is what it is, this is how you use and this is why you care" posts again -- really your forte ;-)

    Meri - 23rd December 2006 23:56 - #

  84. May I just point out that it may be slightly confusing for those who don't know much about OpenID that you have four OpenID identities, with all four providers, in your example above? For almost everyone, the main reason for using Open ID is to reduce the number of logins but they may misunderstand that you need lots of OpenIDs. Though you probably have more experience writing these things and so may know better!

    Lionel Matsuya - 24th December 2006 10:55 - #

  85. I've been meaning to figure out OpenID for a while now. Thanks to this howto I went ahead and created an account at myopenid.com.

    Marius Gedminas - 24th December 2006 11:25 - #

  86. Hey,

    Thanks for the article, this is really cool :-) A suggestions though: When I sign in with OpenID, it would be nice if your login page redirected to the referring page (i.e. this page).

    I can see a few problems with OpenID, mainly for websites to transition from their built-in authentication to OpenID.

    Providing they allow some way of linking your OpenID to your profile (whatever this means in the context of the website), then this transition should be smooth.

    For example, I want to be able to use my OpenID login for {YouTube, Google Mail, LiveJournal} but obviously keep my current profile/email setup.

    Finally, I don't really think that most users will care about how it *works*, only how to *use* it. They should be aware of is that the login page should have the URL of <their OpenID provider> to prevent phishing, for example.

    Kris Marsh - 24th December 2006 12:54 - #

  87. that's pretty cool.

    Could you please also write "how to make your django app using OpenID".

    That would be really really nice :)

    mike - 24th December 2006 13:44 - #

  88. This kinda rocks :)

    Now it's time to create a MyID.py *g

    gummibaerchen - 24th December 2006 14:08 - #

  89. Can I create a OpenID provider server that's ONLY for 3 websites that I own?

    Also, if people register to the provider for the first time, and I want them to enter extra attributes, for example their Waist size...

    Is OpenID directly able to handle these extra attributes or is it something I code myself?

    Ash\ - 24th December 2006 16:58 - #

  90. Seems that phpMyID 0.3 is not quite there yet. Set it up on my site - no joy. Sent logs to the author. Hopefully we can work through whatever went wrong.

    I do prefer hosting my OpenID "identity" at my own domain (rather than through a third party). So phpMyID is exactly the sort of minimal-dependency drop-in solution it would be good to have working.

    Preston L. Bannister - 24th December 2006 19:46 - #

  91. Great piece, Simon! Thanks a lot -- I definitely want to do this. And if you want to share your code, I'm all for it. :)

    Jeff Croft - 24th December 2006 21:08 - #

  92. I need to take a more detailed look at how the source actually works, but I've set one up, and I definitely like it.

    I can't wait to play more…

    Jeff - 24th December 2006 23:48 - #

  93. This jazz really works!

    Alex Jones - 25th December 2006 13:42 - #

  94. Simon,

    I appreciate the concept of the OpenID, however at this stage I don't see a compelling reason for the masses to use it.

    Anyone that might use an OpenID, will already have trusted their account information to one or both of the monolithic companies you pointed out. Think about it for a second, the majority of people use Windows; as such probably have it registered. If you dismiss that option, the vast portion of people will probably have either a Hotmail/Live account, Yahoo! account and in quite a few cases, both. So if a hell of a lot of people already have account information held with the monoliths, why would they want to give it to yet another?

    For something like OpenID to really take off, in my opinion - it would need to be integrated into, but certainly not limited to, your monolithic companies listed above. If that were the case, you might end up with a true single sign on solution for the internet.

    The next question is though, would Microsoft or Yahoo! want to risk diluting their respecitve single sign on products, just to make someones life ever so slightly more convenient?

    Al.

    Alistair - 26th December 2006 14:01 - #

  95. Good Job spreading the word about OpenID, now I'm using Technorati as provider, but it lacks SSL support. It could be great if Google supports OpenID...

    Elías Torres - 26th December 2006 20:11 - #

  96. It looks like the OpenID signin is back to a working state again. :) A very nice touch to this site.

    Scott Johnson - 27th December 2006 17:46 - #

  97. Thanks Simon, this is great! I didn’t know about delegation before.

    I had experimented with phpMyID but couldn’t get it to work. Now I can delegate to a provider until I am able to provide michaelstrasser.com myself.

    Michael Strasser - 28th December 2006 11:57 - #

  98. Still can't use my delegated OpenID to sign in here ... entering http://cdn.cx at http://simonwillison.net/openid/ sends me to http://simonwillison.net/openid/begin

    Works at ma.gnolia; but not at zooomr

    Chris Neale - 28th December 2006 20:16 - #

  99. Thanks for this screencast! It was most helpful and should help people understand how easy it is to set things up, as well as learning how to have a "permanent" OpenID URL using your own domain. This is not obvious to most people!

    Gwyneth Llewelyn - 28th December 2006 23:13 - #

  100. Very Cool! Thank You.

    Anil John - 29th December 2006 06:24 - #

  101. Uh, wow.

    That was easy. :-)

    Jeremy Zawodny - 1st January 2007 01:39 - #

  102. very interesting article.

    Do you know if it is easyly possible to turn dotclear into an OpenID consummer?

    Guillaume Plouin - 2nd January 2007 14:10 - #

  103. <shameless plug> I wrote a small OpenID links plugin for Wordpress. It only adds OpenID links to the <head> of your blog, which is useful if you often change themes.

    Matthijs - 2nd January 2007 23:00 - #

  104. This is just a test of making a comment with OpenId. Please ignore me. Thanks.

    Damian Cugley - 4th January 2007 15:48 - #

  105. If you like the decentraliced idea of OpenID you perhaps do like the idea of a decentralized avatar: pavatar.com. The Pavatar spec is now in Candidate Recommendation status and we need some plugins for different software.

    Some people think OpenID and Pavatar work well together: OpenID + Pavatar is a good thing and so do I. It would be really cool to have only the one URL to log in and add your avatar automaticly on sites like Flickr, MySpace, Mo.gnolia some forums and so on.

    Jeena Paradies - 4th January 2007 21:24 - #

  106. Don't doubt, you convinced me to create a new account just to access a few features on your weblog ... and to write this comment in order to test if everything is ok and how thing look ;-) Thanks!

    paolo - 4th January 2007 23:07 - #

  107. Top notch. I just made one up.
    Took 5 minutes:
    2 with verisign,
    1 making a subdomain,
    2 making a quick and dirty html page.

    Oli - 7th January 2007 16:42 - #

  108. Er, right, let's see if this OpenID stuff worked.

    pauldwaite - 8th January 2007 00:11 - #

  109. Sweet, it did.

    So, I've signed up with an OpenID provider and got an OpenID URI with them, but that doesn't matter, cos the HTML <link> elements I put on my domain means I can use my domain's URI (pauldwaite.co.uk) as my OpenID instead. That's sweet.

    pauldwaite - 8th January 2007 00:15 - #

  110. I tried signing in on your site here using my homepage address, but it didn't work, I kept getting a 404 not found error. I can sign in using my TypeKey profile URI, though. Additionally, I tried to log in using again, my homepage URI at http://www.openidenabled.com/ and was able to hop on and authenticate through TypeKey without a hitch. For any readers of yours looking for how to do this with TypeKey (I couldn't find the info on the TypeKey site) is this:
    <code>[link rel="openid.delegate" href="http://profile.typekey.com/username/" /] [link rel="openid.server" href="https://www.typekey.com/t/openid" /]</code>
    Just replace every "[ ]" set with "< >"
    Good luck to all, hope to see this spread.

    Brian - 9th January 2007 05:56 - #

  111. I tried adding the <link> tags to my blog's head area, but I keep getting the following error from myopenid.com:
    "This openid server is not authoritative for http://cs.nerdbank.net/blogs/jmpinline/default.asp x"

    Andrew Arnott - 9th January 2007 19:42 - #

  112. Pretty clever! I didn't use a blog, since this doesn't *really* have anything to do with using a blog, just any url where you have control over the HTML content (i.e. can add the appropriate meta tags). Thanks!

    scotte - 10th January 2007 06:37 - #

  113. Shiny. I still don't get it, but it'll sink in, then I'll add it to DasBlog.

    Scott Hanselman - 11th January 2007 09:31 - #

  114. Good job with this! I am going to mull over everything and see if I am able to write something simple on my site as well. (As of this writing, the current website is too archaic for me, and I have a new one slated to be up sometime this month.)

    Tom Martin - 14th January 2007 04:04 - #

  115. I finally setup an OpenId. From the info on your site and this easy advice for setting up my homepage as an OpenID proxy, I finally "get" OpenID. Well, I get it as well as I can understand the slippery idea of "identity", but that's really a much larger question that has plagued mankind for ages.

    Anyhow, thanks very much. This post (and others on your site) are very clear and helpful.

    dom - 15th January 2007 18:48 - #

  116. Great article! Thanks for the advice!

    Tim Stoop - 18th January 2007 14:50 - #

  117. Thank you for this article :)

    Julie - 18th January 2007 20:15 - #

  118. You may want to close those link tags in the sample code. Thanks for the tutorial. I have been waiting for someone to make it easy for me :-]

    Chris - 19th January 2007 06:05 - #

  119. That last note is exactly why I started using OpenID; There's no point in registering at my blog (and a billion others) just to leave a comment! But with OpenID there's hardly any hassle.

    GP - 28th January 2007 06:54 - #

  120. Thanks for the How-To! I implemented your directions on my blog and logged in here amazingly easily to leave this comment. I used Vox as my OpenID server.

    I'm still puzzled how OpenID works "under the hood" but right now I'm just happy I didn't need to fill in any more boxes with the same old stuff. Thanks again!

    Raffy - 8th February 2007 00:49 - #

  121. A fantastic introduction, the flow of language is pitched just right to inform without lecturing or droning on with mindless jargon. I've already started lobbing it at various friends maintaining private weblogs.

    Ben - 10th February 2007 21:00 - #

  122. Excellent! Thank you, thank you.

    Brett - 13th February 2007 02:59 - #

  123. Nice presentation. I followed the link to phpMyID and 20 minutes later, here I am! Sweet.

    Texatopia - 16th February 2007 04:42 - #

  124. Thank you Simon!

    That was almost too easy

    Robbie Coleman - 23rd February 2007 16:55 - #

  125. Awesome, thanks for the help. I hope everyone goes this route very soon.

    jeadly - 23rd February 2007 18:46 - #

  126. Nice intro. I had problems setting up the delegate to myopenid until I noticed in their docs that you need a meta tag as well as the two links. See https://www.myopenid.com/help#own_domain

    Didn't notice anyone else hitting this, but I scanned the comments pretty quick, sorry if this is a dupe.

    Also, using wikitravel as a test, it seems to have created me two separate logins using the myopenid direct, and then via the delegate. That's a bummer, and slightly unexpected, but perhaps that's in the spec.

    max - 23rd February 2007 20:56 - #

  127. I just created an OpenID and wanted to try it.

    Ideogram - 25th February 2007 09:23 - #

  128. Thanks to this simple tutorial, I finally had my "Aha!" moment with OpenID. Thanks a ton.

    John Fink - 26th February 2007 00:57 - #

  129. Great Write-Up. All, there is a wordpress plugin for openid. Google it ;-)
    Cheers!
    Alpesh

    Alpesh Nakars' Blogosphere - 26th February 2007 03:07 - #

  131. hi
    very nice work...

    evden eve nakliyat - 26th February 2007 15:02 - #

  132. Hi
    I didn't take iNames in to account - will have to fix the template not to render them as links.

    lazer epilasyon - 26th February 2007 15:08 - #

  133. This is like LDAP for internet.
    This is great stuff, I dont have to remember now rememeber different user names and password.

    Thanks!

    Jatinder Singh - 1st March 2007 20:26 - #

  134. thankkss alll.

    nakliyat - 6th March 2007 09:44 - #

  135. A large bulb has just illuminated about my small brain. Thanks for this. It makes so much sense.

    George - 6th March 2007 12:10 - #

  136. great thanks, good tutorial

    çiçekçi - 8th March 2007 20:25 - #

  137. Good information! Thanks! Heiko from Germany

    Heiko Maniero - 8th March 2007 23:16 - #

  138. Very good. Thanks for all the work. Steven

    Steven - 14th March 2007 08:44 - #

  139. Worked pretty well. Thanks a lot. Jürgen from Germany

    Jürgen - 16th March 2007 18:11 - #

  140. Thanks to this simple tutorial, I finally had my "Aha!" moment with OpenID. Thanks a ton.

    Link ekle - 21st March 2007 07:07 - #

  141. Hi guys, very good information. I will implanting this on my blog. Thanks. Guy

    Jürgen - 21st March 2007 16:37 - #

  142. Wow, what a fantastic idea.

    Looks like I will be up tonight setting up an OpenID for myself.

    Love it.

    James Oppenheim - 22nd March 2007 12:49 - #

Comments are closed.
A django site