Yahoo Open ID and OAuth Allen Tom Yahoo
- Slides: 17
Yahoo! Open. ID and OAuth Allen Tom Yahoo! Membership Architect Open. ID Foundation Board Member atom@yahoo-inc. com @atom 1
• Open. ID – Authentication • OAuth – Authorization • OAuth-WRAP – next generation OAuth 2
Yahoo! and the Open Web • Yahoo! OS: Initiative to open up Yahoo’s services to 3 rd party developers and partners • Open. ID: Opens Yahoo’s Membership platform to all websites – Users who have a Yahoo Account can log in with it at any website that accepts Open. ID • OAuth: Authorization protocol (access control) for Yahoo Data and APIs – Contacts (Address Book) – Yahoo Mail – Yahoo! Updates (Activity Streams) 3
Yahoo Open. ID + OAuth • Yahoo users can sign into websites using their Yahoo ID via the Open. ID Protocol • Users can authorize data access via Oauth • Share your Yahoo Address Book • Let the 3 rd party update your Status • Upload photos 4
Authentication, continued… • My Yahoo. ID is allentomdude@yahoo. com • My Open. ID identifier is https: //me. yahoo. com/allentomdude • Open. ID lets me prove that I control https: //me. yahoo. com/allentomdude 5
Yahoo Open. ID Example • Login to the Huffington. Post. com using your Yahoo ID 6
Click Log In 7
Click the Yahoo! Button 8
Login screen is bypassed if the user is already logged into Yahoo (more then 90% of the time) 9
Open. ID: Authentication Name Email Address Profile Picture OAuth: API access to Web Services 10
Yahoo Profile Picture Yahoo ID 11
Huffington Post can post to my Profile using OAuth 12
Attribute Exchange • RPs may optionally ask for user data via the Attribute Exchange Extension (supported by all major Open. ID Providers) – Name – Email Address – Profile Picture – Age – Gender – Location 13
14
Why is Yahoo supporting Open. ID? • Have a stronger relationship with our users – Users are Yahoo’s #1 asset • Yahoo IDs are more valuable – used for logging into Yahoo and other websites • More insights into user behavior on Yahoo and everywhere else – Needed for ad targeting and content personalization • Open Standard: – – No need to invent yet another auth protocol Can leverage industry best practices Open Source libraries, documentation Developers can implement the same interface across all Ops Yahoo/Google/AOL are almost completely interoperable 15
Why should sites accept Open. ID? • New user on boarding experience is getting increasingly difficult – – – – Username/password Name/email address Profile Picture Location Gender Friends CAPTCHA • Security, Abuse, Account Recovery can be outsourced to the Open. ID Provider • Virtuous Cycle – user engagement drives referral traffic back to the RP • New users already have a reputation – Abuse, expertise, etc • Content and Ads can be personalized and relevant even on the first visit 16
Allen Tom atom@yahoo-inc. com http: //developer. yahoo. com http: //openid. net http: //groups. google. com/ –OAuth-WRAP-WG http: //www. internetidentityworkshop. com/ 17
- über allen gipfeln ist ruh youtube
- Reputationeel
- Symbolism in the devil and tom walker
- 영국 beis
- Tom tom go 910
- Tom open the door the passive is
- Allen and gale 2000
- Off delay timer symbol
- Open hearts open hands
- Wanda jean allen
- Karin allen
- Allen-test
- Allen's test
- Whitely v chappel (1868)
- Advantages and disadvantages of golden rule
- Purposive rule
- Nicola allen knutsford
- Burroughs allen waltrip