What a week for OpenID and the opening up of the Social Web! Following Monday’s big announcement of Microsoft about to become an OpenID provider, today Google announced that it has actually become one (for real), with several sites are already live, accepting Google account credentials for signup and sign in, including Plaxo and Zoho. Google’s rollout is a very big deal for OpenID. Why?
Like many promising technologies, OpenID has long suffered from the “chicken and egg” problem. Why should any site wrestle with the complexities of becoming a “relying party” (a site that accepts OpenID) if very few mainstream users have an OpenID and know how to use it? And, conversely, if there are very few relying parties out there, why should a mainstream Internet player, such as Google or Microsoft, rush to become a Provider?
The lineup of current (or soon to launch) OpenID Providers now includes, Google, Yahoo, AOL, Microsoft, and MySpace. And we should be able to demonstrate in the coming weeks that second-generation implementations, like what Google is launching with today (and extending soon with Portable Contacts), actually reduce the friction for onboarding new users. The result should be a massive adoption wave for OpenID all over the web. If your competitor’s OpenID-based onboarding of new users has a much smaller dropoff rate than yours, you will find yourself wanting to come up to speed quickly on how to become a relying party, too.
One of the coolest things in the official blogpost for the announcement is what is coming down the pike:
Google is also working with the open source community on ways to combine the OAuth and OpenID protocol so a website can not only request the user’s identity and e-mail address, but can at the same time request access to information available via OAuth-enabled APIs such as Google Data APIs as well as standard data formats such as Portable Contacts and OpenSocial REST APIs. In the future, this should allow a website to immediately provide a much more streamlined, personalized and socially relevant experience for users when they log in to trusted websites.
This combined “Open Stack” approach will fix so much of what is currently broken.
Today, every time you go to use a new website, you have to give the site your email address and choose a password; you have to upload a photo and fill out the same profile info you’ve done dozens of times before; and, you’ll probably be encouraged to import your address book and invite your friends. The new Open Stack approach can take almost all of the friction out of that process. OpenID lets you signup with existing credentials. XRDS-simple lets the site discover where you keep your data. OAuth allows you to grant restricted access to just that data (without handing over the full keys to your account). And Portable Contacts standardizes how the site can pull in the people data that you want to share, including data from your profile, your friends list, and your address book. And that can all be done in a couple of clicks, with you in control.
These are exciting times, indeed. Congrats to the Google team!
As has become the standard for just about any “open” launch, Plaxo is among the first live, with Joseph Smarr coding away feverishly in the night. Here’s his post on the launch at the official Plaxo blog. Joseph is also quoted in the Google blogpost:
Joseph Smarr, Chief Platform Architect at Plaxo says, “It’s great to see Google become an Open ID provider in addition to supporting OAuth, which we already use. We are thrilled to be among the first sites to allow users to login with their Google Accounts. This is going to be great for users, Plaxo and the web.”