March 2011Ashish Jain
Social Media for Retailers Summit
DEMO
OpenID Authentication 2.0
SReg
Attribute Exchange
PAPE
UI
White list
STATUS
Name
Email Address
DOB
Phone Number
Shipping Address
Payer ID *
Is Verified PayPal *
SHARED CLAIMS
User will not have access to PayPal.com
RP can request max_auth_age at
runtime Or during on-boarding
Supports max time of 8 hours with no
challenge
SESSION / MAX_AUTH_AGE
Get a PayPal account
Login to x.com (Developer Network)
Submit your app
ON BOARDING PROCESS
ON BOARDING PROCESS
Additional claims
Authn Context Authn Type, Time, Risk/Fraud…
Payment Integration Login first, payment first, guest checkout…
QUESTIONS FOR RETAILERS?
Identity Propagation E.g. PayPal OP - Connector - SAML RP - SaaS
Identity Linking e.g. link PayPal to another IdP for additional claims
Payment Integration
QUESTIONS FOR PROVIDERS?
RP On-boarding UI Guidelines (new/existing account,
additional data…)
Local Password / Terms of service?
CSR FAQ
Multiple IdPs support (different data)
Account Recovery flows?
Attribute Exchange
Logout
…
QUESTIONS FOR COMMUNITY?
Q & A