Geo Development, Identity Access Management

What is OpenID?

01.10.08 | No Comments

According to OpenID.net

“OpenID eliminates the need for multiple usernames across different websites…”

Earlier in the week I stipluated User Identity and Account Management as requirements for a CRM.

  • Host sign-up pages where customers can create an account, and select a level of membership (some levels require payment)
  • User account self management: password changes and resets, update details, cancel account, submit help request.
  • User login - Would we accept users authenticated at and redirected from the CRM site? Or would we query the CRM site with each user credentials? Alternatively, a push of a new/updated user from the CRM site (via HTTP request) to our web site would do, so that we can maintain a copy.

As it happens, Web Identity and Acces Management (IAM) is a topic close to my heart, something I have had a lot of dealings with over the last seven years, in a major enterprise environment.

As the week has progressed, I have spent some time thinking about this - and I have come to the point of view that IAM would sit no better in the CRM provider than it would in the final product / service / web site.

If I were to rely upon the CRM provider for user account management, then I would essentially be relying on them for authentication methods, account maintenance pages etc… indeed for anything else I ever want to offer those users in the future. This is what I often refer to as vendor lock in, and is something I actively try to avoid.

Enter Open ID

Open ID is not a product, or a service - or even a solution for all of the above. It does however contain what I believe to be a solution to at least some of the above requirements.

Open ID is fairly new, and a version 2 of the standard has recently been agreed. Also, there are very few full server implementations that I have seen - however there are some pretty good librarys availabe to get you underway.

None of this provides the account management, but by adopting Open ID I will have a user store that is independent of any particular website, allowing members to access any or all of them under the one account.

Also, I will have a platform upon which to build the account creation pages mentioned above, and I may even be able to leverage off of something already in existence.

Bookmark with delicious or Stumbleupon.

speak up

Add your comment below, or trackback from your own site.

Subscribe to these comments.

Be nice. Keep it clean. Stay on topic. No spam.

You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

*Required Fields