Thursday, November 20, 2008

OpenID/OAuth hybrid extension

There is a proposal for an OpenID extension to effectively create a hybrid protocol between OpenID and OAuth - this to optimize the combination and thereby minimize consent pages and redirects.

Interestingly, Ping's Patrick Harding was proposing a similar optimization  between SAML & OAuth at DIDW.

Starting at Slide 23 in the below deck



Hopefully, the pattern that OpenID defines to carry the OAuth parameters/messages can be appleid to SAML.

No comments: