Single Sign On (SSO) with OpenID

OpenID has been into existence from quite sometime but I thought of discussing the same looking into its growing popularity & acceptance across the Internet community. This post is mainly dedicated to those people who are absolutely clueless about this Open Authentication Protocol & those who have heard of it, but haven't explored much on the same. Single Sign On (SSO) with OpenID is actually Single Set of Authentication Credentials rather than the true SSO scenario used on Corporate Intranet applications, where the user needs to login to the application only once & get authenticated multiple times by other SSO supported applications.

The best place to know about OpenID is by looking onto Wikipedia or by visiting the OpenID Home Page. In short, OpenID enables users to use a single set of authentication credentials (Username & Password) across multiple Portals supporting OpenID authentication. Trying to find an anology, you can relate OpenID to authentication services similar to Active Directory used in Corporate Networks. OpenID is in the form of a URL which would contain a Username in conjunction with the domain which is providing the OpenID services. Surprisingly, you might already have an OpenID & might not have realised the same. To know whether you already have an OpenID check here. There are many Sites which offer OpenID's as an add-on service & there are few Sites which dedicatedly provide this service as a primary service. Yesterday I registered with one of such site & thought of sharing more info on the same. It is managed by one of the most trusted Certifying Authorities (CA) - VersSgn. For registering an OpenID in this you need to register at https://pip.verisignlabs.com . Once registered, your OpenID URL would be username.pip.verisignlabs.com & the same URL can be used across any Site supporting OpenID authentication. For eg, www.livejoournal.com supports OpenID & hence if my username is jack at pip.versignlabs.com, I can use jack.pip.versignlabs.com as the OpenID URL. Check the screenshot below -

This was all about the basics of OpenID. I would now talk about some Value Added Services provided by VerSignlabs. Once you login to their Portal, on the right hand side you would find the section of Links. Out of them the most interesting of them is One-Click Sign in which enables you to do a Single Sign On (SSO) to a list of sites supported by VeriSign Labs. The procedure to do a One-Click Sign In can be found here. In short, to enable One-Click Sign in, a VeriSign Labs user needs to store the authentication credentials of all the accounts on the Internet, supported by VeriSign Labs. Check the screenshot below -

To make One-Click Sign in work, the user needs to install a Bookmark in the browser which is protected using a One-Click Key.

For getting authenticated in any site added in the One-Click Sign in screen, the user has to visit the login page of the site & click on the Browser Bookmark. If the user is already signed on to pip.verisignlabs.com, the username & password in the site would get auto-populated by One-Click Sign in & the user will get automatically logged on to the site. Check the screenshot below -

If the user has not got authenticated by pip.versignlabs.com, then the site would prompt you to enter your OpenID & Password. Once logged on to pip.versignlabs.com, your OpenID One-Click Sign in remains valid until you close your Browser.

In addition to One-Click Sign in bookmark, one can also install the VeriSign Labs Firefox Extension, called SeatBelt, which shows the authentication status at your pip.versignlabs.com. A green status indicates Logged out & a red status with username indicates Logged in.

VeriSign Labs also provides you FREE Browser Certificate for added security. You can also pay as low as 5$ & get a Security Key to have an extra layer of account protection. Aren't all these features pretty interesting?

Why don't you register today!!!