What do regular web devs need to know about ID

From IIW

Monday – Session 3 - E

Conference: IIW10 May 17-19, 2009 this is the complete Complete Set of Notes

Convener: Laurel Fan

Notes-taker(s): Laurel Fan

Discussion notes:

This was a small session -- not a lot of solutions, mostly statement of the problem (and some free association...)

Most regular web devs don't care about identity. They care about what identity enables, such as:

  • putting a user's action/content into buckets
  • acting as the user on another service (post to facebook wall)
  • getting information about a user (name, photo, friends list)
    • to personalize content
    • so the user can give you this information without filling in another form

Single sign on isn't that attractive by itself. It's easy to maintain your own username/password, email verification etc. There's a library for that. It's hard to depend on other sites, and explain this to the user (Do we need an I forgot my OpenID button?)

If there's a library, people will use it. Better if it's built into PHP, Rails, etc. (Oauth seems to have learned this)