OpenID is an HTTP-based standard for exchanging and verifying identity. Here’s how it works. Three parties are involved:
- The end user whose identity needs to be verified (me).
- The identity server that verifies the identity (blogspot.com).
- The identity consumer that needs to use the identity (my application).

The exchange between them goes as follows:
- The identity consumer (my application) displays a login page allowing the end user to specify their OpenID URL (see link jQueryOpenIdPlugin below).
- The user (me) specifies a URL (http://motorcycleguy.blogspot.com/) that they control to the identity consumer.
- The identity consumer uses that URL to discover the identity server it needs to correspond with.
- The identity consumer passes an HTTP request to the identity server that includes a nonce and a return page.
- The identity server returns a user interface that allows the user to log in.
- The user logs in.
- The identity server redirects the user to the return page with a few parameters indicating the success of the login request and the identity of the user (if successful).
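
The last step is where the identity consumer has to be careful: the parameters arrive through the user's browser, so they need to be checked before the identity is trusted. The sketch below is an added example, not code from my application. It assumes the nonce travels in the return page URL, that a shared MAC key was already agreed with the identity server (an OpenID 2.0 association), and that the user typed their identifier exactly; `RETURN_TO`, `pending` and the function names are made up for illustration.

```python
import base64, hashlib, hmac, secrets
from urllib.parse import parse_qs, urlencode, urlparse

RETURN_TO = "https://app.example/openid/return"  # assumed return page of the consumer
MUST_SIGN = {"return_to", "claimed_id", "identity"}
pending = {}  # nonce -> OpenID URL the user typed; stands in for session storage

def start_login(openid_url):
    """Build the return page URL, carrying a fresh single-use nonce, for the request."""
    nonce = secrets.token_urlsafe(16)
    pending[nonce] = openid_url
    return RETURN_TO + "?" + urlencode({"nonce": nonce})

def sign(mac_key, params):
    """OpenID 2.0 signature: HMAC over one 'key:value' line per field in openid.signed."""
    token = "".join(f"{f}:{params['openid.' + f]}\n"
                    for f in params["openid.signed"].split(","))
    return base64.b64encode(hmac.new(mac_key, token.encode(), hashlib.sha256).digest())

def verify_return(params, mac_key):
    """Check the redirect parameters; return the verified identity or raise ValueError."""
    if params.get("openid.mode") != "id_res":
        raise ValueError("login was not successful")
    signed = params.get("openid.signed", "").split(",")
    if not MUST_SIGN <= set(signed) or any("openid." + f not in params for f in signed):
        raise ValueError("security-relevant fields are not covered by the signature")
    if not hmac.compare_digest(sign(mac_key, params), params.get("openid.sig", "").encode()):
        raise ValueError("bad signature")
    # Only values covered by the signature are trusted from here on.
    url = urlparse(params["openid.return_to"])
    if url._replace(query="").geturl() != RETURN_TO:
        raise ValueError("return_to is not our return page")
    nonce = parse_qs(url.query).get("nonce", [""])[0]
    requested = pending.pop(nonce, None)  # pop: a nonce is accepted once only
    if requested is None:
        raise ValueError("unknown or replayed nonce")
    if params["openid.claimed_id"] != requested:
        raise ValueError("identity differs from the one the user asked to log in as")
    return requested
```

Replaying a captured redirect fails at the nonce check, and editing any signed parameter in transit fails at the signature check.
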

Using OpenID, I've completely eliminated the need to deal with:
- Identity Creation
- Password Management