This article was written by Cameron King. Check out his blog if you want to know more about him.
The purpose of this guide is to show users how they can start using OpenID’s in a way that is both comfortable and secure.
Quick Summary
In simple terms, OpenIDs are universal login names which can be used at any OpenID-enabled website. These usernames resemble regular website domains or addresses, such as example.com/bill or steve.example.com.
In this guide, users will be walked through the process of choosing, and using, a name.
Choosing a Name
Choosing what name you wish to be known by will be, by far, your biggest challenge in setting up your OpenID. There are only three rules as far as most people are concerned.
1. Pick a name you like.
This first one is pretty obvious, and no one can help you there. Make sure you pick something you like because changing your mind later will be difficult.
2. Find an address that you “control”.
If you have a website of your own:
Many visitors looking to setup an OpenID will likely have several addresses that they “control”. Any website or web address associated with you can qualify here.
Some examples:
- A personal website
- A personal blog
- A domain name
If you do not have a website of your own:
If you don’t have your own website, that’s fine. Just skip down to the section: “Locating a Provider”. You can use one of those addresses instead.
(Remember though, using a website of your own as your OpenID is, by far, the preferred option. This way you can painlessly switch providers at a later date.)
3. Can you point it at a provider?
To allow your chosen address to work with OpenID, you will need to be able to edit the HTML for that page. Specifically, there will be two tags that need to be added to the of the page. Is that possible for this address? If so, then you’ve chosen a good name, feel free to move on to the next section: “Locating a Provider”.
Locating a Provider
The OpenID provider does all the heavy lifting for you. This is the place where you actually put in a password and where all the real magic happens.
Popular Existing Accounts with OpenID
Many users may already have an OpenID provider. Here is a very short list of some popular providers. Just drop your account name in where you see: yourname.
- http://openid.aol.com/yourname
- http://yourname.livejournal.com
- http://yourname.wordpress.com
Creating a new OpenID Account
Additionally, a name can be registered with a provider who does nothing else but provide OpenIDs. Here is an equally short list of providers who will allow you to create an account specifically to use as an OpenID.
- http://yourname.myopenid.com
- http://yourname.pip.verisignlabs.com
- http://yourname.myvidoop.com
For more information on free providers, take a look at the following pages:
- Public OpenID Providers
- Provider Comparison
Putting it all Together
If you are going to use an OpenID provider as your name, you can skip this section and move on to: “How do I use my OpenID”. This section is only for people who are using their own website as an OpenID name.
In the section of the page that was chosen as the OpenID name, all that needs to be done is to add two tags. Here are a few examples:
http://yourname.livejournal.com
http://yourname.myopenid.com
http://yourname.pip.verisignlabs.com
The openid.delegate field is simply the chosen OpenID address that this page points to.
If you aren’t sure of what needs to go in the openid.server field and it’s not one of the above examples, either check with the provider and their documentation or view the source of the HTML at your OpenID address. Either way, you should be able to find it without too much digging.
To check and make sure you’ve done everything correctly, run the ID through the Check your OpenID page to see if there are any
errors locating your provider. If that check fails, double-check the of your page and make sure that your provider and delegate information is correct.
How do I use my OpenID?
There are a number of places where OpenIDs are accepted and that number is growing at a steady pace. Take a look at the following pages for lists of OpenID-enabled sites:
Disclosure: Thomas Huhn runs OpenID Directory.
Once you find a site you want to login to, just select the OpenID login box (most likely with an orange “i” next to it), and drop in your OpenID. If you are not already logged in with your provider, you may be redirected there so that you may do so.
That’s it. If you were able to login, then your OpenID worked fine.
The process of logging in to a relying party is described in more details in the post Logging in with an OpenID.