Using a Domain as Your OpenID

By James Duncan Davidson on March 11, 2008 10:43 PM | 23 Comments
Tagged: identity, openid
The identity story on the web has long been a messy one. Lots of people have been working on this problem for a while, however, and trying to make the story less messy and it seems that OpenID is emerging as a big part of the solution. Momentum behind OpenID is building quickly now and I decided earlier this year that it was time to jump in and set up my domain as my own OpenID. But, in my explorations of the subject, I got kind of lost in the details and put it on the backburner for a few weeks. Then, after talking with a bunch of folks about it at ETech and GSPWest, I finally got around to sorting things out and found it to be remarkably easy and straightforward. Almost embarrassingly so.

My ah-ha moment was provided by Sam Ruby in a post he wrote over a year ago, OpenID for non-SuperUsers. I had seen the demos on stage a few times, but it was while working through Sam's post that the light came on. Instead of trying to understand how it all works, I just needed to see it work.

Assuming you have your own website domain, let me shorten Sam's advice down to three easy steps:

Step One: Set up an identity at myOpenID. It's quick, easy, and painless. And, if you don't like them, you can use somebody else later. 

Step Two: Once you have an identity at myOpenID, you could use it directly. But, if you have your own domain, you really want to use it as your OpenID. Add the following two lines to the <head> section of your website:

<link rel="openid.server" href="http://www.myopenid.com/server" />
<link rel="openid.delegate" href="http://yourid.myopenid.com/" />

These two lines of HTML allow you to use http://yourdomain.com as your OpenID. You can see this in action for my own OpenID by viewing the source for this page. 

Step Three: Log into an OpenID based site such Dopplr, or sign in to leave a comment on this site, using your domain as your ID. In doing this, you'll see the handshake with myOpenID and be asked to authorize the use of your OpenID.

There you go. That should get you started with using your domain as your OpenID. Once you've set things up, you can later change the delegation to any OpenID provider you want. This gives you control over your identity without having to install another chunk of software if you don't want to. It's kind of like being able to choose your DNS provider and run your DNS off of an service provider instead of having to run BIND yourself. And, if you've never had to run BIND, consider yourself lucky.

In any case, doing the above, I've been able to start replacing my user/password credentials at several sites using my domain-based OpenID. I can't wait till more of the Internet works this way.

This is one of 188 blog posts on duncandavidson.com. If you care to read more, two posts I recommend are Dear Speakers, a set of thoughts for public speakers that I pulled together in March, 2009 and Tilting at the Windmill, One Last Time, a call to Flickr to include important EXIF and ITPC metadata in the photographs they provide to the public.

23 Comments

Hmm. I implement OpenID in rails apps all the time but believe it, or not, I never setup and account for myself. Thanks for the push Duncan.

user-pic
20seven.org
Comment left on 03/12/08
Reply to this comment

Wow, that was a lot easier than I thought. Works too, because I'm posting this via an OpenID login.

user-pic
Ross Burton
Comment left on 03/12/08
Reply to this comment

Hi James
Thanks for writing this up.
Yes, I can confirm your instructions are working : )

user-pic
fiveone.org
Comment left on 03/12/08
Reply to this comment

I set it up about a year ago, but this is only the third time I'll have ever left an OpenID comment. I don't see quite the same groundswell of support as you seem to have. That may change if WordPress builds in OpenID support without requiring plugins...

user-pic
barzeski.com
Comment left on 03/12/08
Reply to this comment

Great writeup! Works like a charm.

Thanks!

Bob

user-pic
bobsherron.com
Comment left on 03/12/08
Reply to this comment

If you don't want to be tied to the myOpenID service, you can use a third party bit of code like phpMyID which does the same thing, and you can host yourself:

http://siege.org/projects/phpMyID/

I'm using it to post this.

user-pic
openid.zackofalltrades.com
Comment left on 03/12/08
Reply to this comment

Thanks for this post, more people should use their own domain for openid. It's the only truly portable system of identity and means you are not tied to a specific provider for all your login needs!

user-pic
Tony
Comment left on 03/12/08
Reply to this comment

link rel=... works fine
LINK rel=... doesn't.

expected? bug in blog software? my ID is an example

user-pic
atagunov [people.apache.org]
Comment left on 03/12/08
Reply to this comment

Thank you!
Works amazingly well.

user-pic
alexvarin.com
Comment left on 03/12/08
Reply to this comment

barzeski: Yah, it's not widespread yet, but just in the last few months, I've seen OpenID pop up in lots of places. It's got that feel like it's about to go big. Maybe I'm dreaming, but I hope not.

atagunov: The case sensitivity is interesting. I'm not sure what that's about. I'm not really surprised tho. Maybe the sixapart peeps need to take a look at it.

Thanks all who used their OpenID's to comment. :)

user-pic
James Duncan Davidson
Comment left on 03/12/08
Reply to this comment

Thanks for this tidbit, it encouraged me to finally get an OpenID. Works as advertised. :-)

user-pic
ejeklint.se
Comment left on 03/14/08
Reply to this comment

Didn't work so smoothly. I could register, but afterwards it would not recognize my password. OK, maybe I mistyped my password during registration (twice in the same way???). So I tried their password recovery.

For password recovery, you can either supply your user ID or password. First attempt using the user ID: Internal Server Error. Ugh.

Second attempt, this time using the email address: Unknown email address. WTF? This was the very same email address that they sent the registration confirmation email, just a few minutes ago! Tried again, same result.

Finally, I tried it again with the user ID: this time it worked. Puh!

So finally I have it working, as this post proves!


user-pic
http://oefelein.de/Martina/
Comment left on 03/16/08
Reply to this comment

thank you for this tutorial & checking for the first time :)

user-pic
mpd
Comment left on 04/08/08
Reply to this comment

Thanks for the useful post! This is my first comment with the newly set up myOpenID :)

user-pic
codecritic.myopenid.com
Comment left on 04/22/08
Reply to this comment

W00t! Thanks for posting this, Duncan. Now I just have to figure out how to build my new app so that it uses only OpenID auth without undue work for users who know nothing about it!

—Theory

user-pic
justatheory.com
Comment left on 06/01/08
Reply to this comment

Thanks mate - rocks.

user-pic
http://grahamis.com/openid/
Comment left on 06/08/08
Reply to this comment

That's pretty awesome. I put off setting it up for a few days but shouldn't have. It was very quick.

user-pic
starpointemarketing.com
Comment left on 09/26/08
Reply to this comment

why the heck i didn't do it a year ago...

user-pic
patrash.wooia.ro
Comment left on 11/09/08
Reply to this comment

Just what I needed, thanks!

user-pic
Paul Barry
Comment left on 11/30/08
Reply to this comment

Just what I needed, thanks!

user-pic
self storage
Comment left on 07/08/09
Reply to this comment

Thank you so much for this concise walkthrough! Just what I was looking for.

user-pic
Rishi
Comment left on 07/19/09
Reply to this comment

I want to use My Domain as OpenID.. I dont want to use the link rel for this..

Is there any easy method of using phpMyID?

user-pic
Lokesh
Comment left on 12/08/09
Reply to this comment

If this leaves a comment, it worked!

user-pic
odnarb.com
Comment left on 01/27/10
Reply to this comment

Leave a comment