yahoo! openid and oauth 1 allen tom yahoo! membership architect openid foundation board member...

17
Yahoo! OpenID and OAuth 1 Allen Tom Yahoo! Membership Architect OpenID Foundation Board Member [email protected] @atom

Upload: christian-keith

Post on 26-Mar-2015

236 views

Category:

Documents


1 download

TRANSCRIPT

Page 1: Yahoo! OpenID and OAuth 1 Allen Tom Yahoo! Membership Architect OpenID Foundation Board Member atom@yahoo-inc.com @atom

Yahoo! OpenID and OAuth

1

Allen TomYahoo! Membership Architect

OpenID Foundation Board [email protected]

@atom

Page 2: Yahoo! OpenID and OAuth 1 Allen Tom Yahoo! Membership Architect OpenID Foundation Board Member atom@yahoo-inc.com @atom

• OpenID – Authentication• OAuth – Authorization• OAuth-WRAP – next generation OAuth

2

Page 3: Yahoo! OpenID and OAuth 1 Allen Tom Yahoo! Membership Architect OpenID Foundation Board Member atom@yahoo-inc.com @atom

Yahoo! and the Open Web

• Yahoo! OS: Initiative to open up Yahoo’s services to 3rd party developers and partners

• OpenID: Opens Yahoo’s Membership platform to all websites– Users who have a Yahoo Account can log in with it at

any website that accepts OpenID• OAuth: Authorization protocol (access control) for

Yahoo Data and APIs– Contacts (Address Book)– Yahoo Mail– Yahoo! Updates (Activity Streams)

3

Page 4: Yahoo! OpenID and OAuth 1 Allen Tom Yahoo! Membership Architect OpenID Foundation Board Member atom@yahoo-inc.com @atom

Yahoo OpenID + OAuth

4

• Yahoo users can sign into websites using their Yahoo ID via the OpenID Protocol

• Users can authorize data access via Oauth• Share your Yahoo Address Book• Let the 3rd party update your Status• Upload photos

Page 5: Yahoo! OpenID and OAuth 1 Allen Tom Yahoo! Membership Architect OpenID Foundation Board Member atom@yahoo-inc.com @atom

Authentication, continued…

• My YahooID is [email protected]• My OpenID identifier is

https://me.yahoo.com/allentomdude• OpenID lets me prove that I control

https://me.yahoo.com/allentomdude

5

Page 6: Yahoo! OpenID and OAuth 1 Allen Tom Yahoo! Membership Architect OpenID Foundation Board Member atom@yahoo-inc.com @atom

Yahoo OpenID Example

• Login to the HuffingtonPost.com using your Yahoo ID

6

Page 7: Yahoo! OpenID and OAuth 1 Allen Tom Yahoo! Membership Architect OpenID Foundation Board Member atom@yahoo-inc.com @atom

7

Click Log InClick Log In

Page 8: Yahoo! OpenID and OAuth 1 Allen Tom Yahoo! Membership Architect OpenID Foundation Board Member atom@yahoo-inc.com @atom

8

Click the Yahoo! ButtonClick the Yahoo! Button

Page 9: Yahoo! OpenID and OAuth 1 Allen Tom Yahoo! Membership Architect OpenID Foundation Board Member atom@yahoo-inc.com @atom

9

Login screen is bypassed if the user is already

logged into Yahoo

(more then 90% of the time)

Login screen is bypassed if the user is already

logged into Yahoo

(more then 90% of the time)

Page 10: Yahoo! OpenID and OAuth 1 Allen Tom Yahoo! Membership Architect OpenID Foundation Board Member atom@yahoo-inc.com @atom

10

OpenID: AuthenticationNameEmail AddressProfile Picture

OpenID: AuthenticationNameEmail AddressProfile Picture

OAuth: API access to Web ServicesOAuth: API access to Web Services

Page 11: Yahoo! OpenID and OAuth 1 Allen Tom Yahoo! Membership Architect OpenID Foundation Board Member atom@yahoo-inc.com @atom

11

Yahoo IDYahoo ID

Yahoo Profile PictureYahoo Profile Picture

Page 12: Yahoo! OpenID and OAuth 1 Allen Tom Yahoo! Membership Architect OpenID Foundation Board Member atom@yahoo-inc.com @atom

12

Huffington Post can post to my Profile using OAuth

Huffington Post can post to my Profile using OAuth

Page 13: Yahoo! OpenID and OAuth 1 Allen Tom Yahoo! Membership Architect OpenID Foundation Board Member atom@yahoo-inc.com @atom

Attribute Exchange

• RPs may optionally ask for user data via the Attribute Exchange Extension (supported by all major OpenID Providers)– Name– Email Address– Profile Picture– Age– Gender – Location

13

Page 14: Yahoo! OpenID and OAuth 1 Allen Tom Yahoo! Membership Architect OpenID Foundation Board Member atom@yahoo-inc.com @atom

14

Page 15: Yahoo! OpenID and OAuth 1 Allen Tom Yahoo! Membership Architect OpenID Foundation Board Member atom@yahoo-inc.com @atom

Why is Yahoo supporting OpenID?

• Have a stronger relationship with our users– Users are Yahoo’s #1 asset

• Yahoo IDs are more valuable – used for logging into Yahoo and other websites

• More insights into user behavior on Yahoo and everywhere else– Needed for ad targeting and content personalization

• Open Standard: – No need to invent yet another auth protocol– Can leverage industry best practices– Open Source libraries, documentation– Developers can implement the same interface across all Ops

Yahoo/Google/AOL are almost completely interoperable

15

Page 16: Yahoo! OpenID and OAuth 1 Allen Tom Yahoo! Membership Architect OpenID Foundation Board Member atom@yahoo-inc.com @atom

Why should sites accept OpenID?

• New user on boarding experience is getting increasingly difficult– Username/password– Name/email address– Profile Picture– Location– Gender– Friends– CAPTCHA

• Security, Abuse, Account Recovery can be outsourced to the OpenID Provider

• Virtuous Cycle – user engagement drives referral traffic back to the RP• New users already have a reputation

– Abuse, expertise, etc• Content and Ads can be personalized and relevant even on the first visit

16

Page 17: Yahoo! OpenID and OAuth 1 Allen Tom Yahoo! Membership Architect OpenID Foundation Board Member atom@yahoo-inc.com @atom

17

Allen [email protected]

http://developer.yahoo.comhttp://openid.nethttp://groups.google.com/

–OAuth–OAuth-WRAP-WG

http://www.internetidentityworkshop.com/