1 / 17

Yahoo! OpenID and OAuth

Allen Tom Yahoo! Membership Architect OpenID Foundation Board Member atom@yahoo-inc.com @atom. Yahoo! OpenID and OAuth. OpenID – Authentication OAuth – Authorization OAuth-WRAP – next generation OAuth. Yahoo! and the Open Web.

sade-snyder
Download Presentation

Yahoo! OpenID and OAuth

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Allen Tom Yahoo! Membership Architect OpenID Foundation Board Member atom@yahoo-inc.com @atom Yahoo! OpenID and OAuth

  2. OpenID – Authentication • OAuth – Authorization • OAuth-WRAP – next generation OAuth

  3. Yahoo! and the Open Web • Yahoo! OS: Initiative to open up Yahoo’s services to 3rd party developers and partners • OpenID: Opens Yahoo’s Membership platform to all websites • Users who have a Yahoo Account can log in with it at any website that accepts OpenID • OAuth: Authorization protocol (access control) for Yahoo Data and APIs • Contacts (Address Book) • Yahoo Mail • Yahoo! Updates (Activity Streams)

  4. Yahoo users can sign into websites using their Yahoo ID via the OpenID Protocol Users can authorize data access via Oauth Share your Yahoo Address Book Let the 3rd party update your Status Upload photos Yahoo OpenID + OAuth

  5. Authentication, continued… • My YahooID is allentomdude@yahoo.com • My OpenID identifier is https://me.yahoo.com/allentomdude • OpenID lets me prove that I control https://me.yahoo.com/allentomdude

  6. Yahoo OpenID Example • Login to the HuffingtonPost.com using your Yahoo ID

  7. Click Log In

  8. Click the Yahoo! Button

  9. Login screen is bypassed if the user is already logged into Yahoo (more then 90% of the time)

  10. OpenID: Authentication Name Email Address Profile Picture OAuth: API access to Web Services

  11. Yahoo Profile Picture Yahoo ID

  12. Huffington Post can post to my Profile using OAuth

  13. Attribute Exchange • RPs may optionally ask for user data via the Attribute Exchange Extension (supported by all major OpenID Providers) • Name • Email Address • Profile Picture • Age • Gender • Location

  14. Why is Yahoo supporting OpenID? • Have a stronger relationship with our users • Users are Yahoo’s #1 asset • Yahoo IDs are more valuable – used for logging into Yahoo and other websites • More insights into user behavior on Yahoo and everywhere else • Needed for ad targeting and content personalization • Open Standard: • No need to invent yet another auth protocol • Can leverage industry best practices • Open Source libraries, documentation • Developers can implement the same interface across all Ops Yahoo/Google/AOL are almost completely interoperable

  15. Why should sites accept OpenID? • New user on boarding experience is getting increasingly difficult • Username/password • Name/email address • Profile Picture • Location • Gender • Friends • CAPTCHA • Security, Abuse, Account Recovery can be outsourced to the OpenID Provider • Virtuous Cycle – user engagement drives referral traffic back to the RP • New users already have a reputation • Abuse, expertise, etc • Content and Ads can be personalized and relevant even on the first visit

  16. Allen Tom atom@yahoo-inc.com http://developer.yahoo.com http://openid.net http://groups.google.com/ OAuth OAuth-WRAP-WG http://www.internetidentityworkshop.com/

More Related