Blog
Google moves towards single sign-on with OpenID
Wednesday, October 29, 2008
By Eric Sachs, Google Security Team
Currently users are required to create individual passwords for many websites they visit, but users would prefer to avoid this step so they could visits websites more easily. Similarly, many websites on the Internet have asked for a way to enable users to log into their sites without forcing them to create another password. If users could log into sites without needing another password, it would allow websites to provide a more personalized experience to their users.
In September we announced some
research
that we shared as part of an effort by the OpenID community to evaluate the user experience of federated login. Other companies like Yahoo have also published their
user research
. Starting today, we are providing limited access to an API for an OpenID identity provider that is based on the user experience research of the OpenID community. Websites can now allow Google Account users to login to their website by using the OpenID protocol. We hope the continued evolution of both the technical features of OpenID, as well as the improvements in user experience. will lead to a solution that can be widely deployed for federated login. One of the companies using this new service is
www.zoho.com
. Raju Vegesna at ZoHo says that "We now offer all our users the ability to login to ZoHo using their Google Account to avoid the need to create yet another login and password."
The initial version of the API will use the OpenID 2.0 protocol to enable websites to validate the identity of a Google Account user, including the optional ability to request the user's e-mail address. Below is an example of the flow that a user might see if he or she starts at a website that uses this new feature:
The website could use a modified login box that looks like the one below. If the user enters a Gmail address and indicates that he or she does not have a password for this site, then the site can redirect him or her to Google.
The user would then be taken to the Google website and asked to confirm whether he or she wants to sign in to KidMallPics.
Finally, the user would be redirected back to KidMallPics, where he or she would be immediately signed in.
More information about this new API can be found on the
Open ID
page in Google Code. To request access to the limited trial, please visit our Google Federated Login
discussion group
and register using the
online registration form
.
Google is also working with the open source community on ways to combine the OAuth and OpenID protocol in the future. That way a website can not only request the user's identity and e-mail address, but can also request access to information available via OAuth-enabled APIs such as
Google Data APIs
as well as standard data formats such as
Portable Contacts
and
OpenSocial REST APIs
. In the future, this should allow a website to immediately provide a much more streamlined, personalized and socially relevant experience for users when they log in to trusted websites.
Labels
#freeandopen
#GooglePlay #AndroidDevStory #PlayStore #DeveloperConsole #StoreListingExperiments
#io12
#io13
#io14
#io15
#io16
#io17
#io2012
#io2013
#io2014
+1
20% project
3d
about.com
accelerator
accessibility
actions
actions on google
Administrative APIs
AdMob
adobe
Ads
adsense
advogato
AdWords
africa
agpl
AI
AIY
AIY Projects
AIYProjects
ajax
ajax apis
ajax search
ajax search books news apis
all for good
amarok
AMP
AMP Cache
analytics
android
Android Studio
Android Things
android wear
Announcement
apache
api
apis
apis console
apis explorer
apis. charts
app engine
app indexing
app indexing api
App Invites
apple
apps
apps script
area 120
Artificial Intelligence
asia
assistant
atom publishing protocol
Auth
authentication
authsub
awards
axsjax
barcodes
beacon
beacons
bespin
best practices
bigquery
Blockly
blogger
book search
books API
bootcamp
Brotli
browser
building ajax apps
business
buzz
c++
Cache
caja
caldav
calendar
camino
campfire one
caption
cardboard
CardDAV
cast
Certification
channel
chinese
chrome
chrome apps
chrome dev summit
chrome devtools
chrome experiment
chrome extensions
chrome os
chrome web store
chromecast
chromium
chronoscope
cifs
classes
classroom api
client libraries
closure tools
cloud
cloud datastore
cloud functions for firebase
cloud platform
cloud portability
cloud services
cloud sql
cloud storage
cms
CocoaPods
code for educators
code jam
code review
code-in
codeedu
codelabs
coffee with a googler
collada
color
commerce
community
competition
compression
compressorhead
computing heritage
conferences
contacts api
contest
contextual gadgets
conversations
couchdb
countdown to I/O 2012
courses
Crash Reporting
creative commons
cricket
crisis response
cryptography
css
css3
custom search
custom search api
danish linux forum
dart
Data Compression
datastore
design
devart
develop
developer
developer expert
Developer Keynote
developers
developers. meetup
devfest
devfest developer chrome maps social wave apps
DFP
discovery service
diversity
django
dns
docs
documentation
documents list api
dojo
doodles
dot net
doubleclick
dreamweaver
Drive
drupal
earn
earth
eclipse
eclipsecon
eddystone
education
email
EMEA
enterprise
Europe
event
events
evolution
execution api
extensions
Fabric
faster web
featured
feeds
finance
Firebase
Firebase Analytics
Firebase Cloud Messaging
Firebase Dynamic Links
firebug
firefox
firevox
fitness
font api
fosdem
freebsd
freenet
Fridaygram
fusion tables
G Suite
gadgets
Game Developers Conference
games
gcc
gci
GCP
GDA
gdata
GDC17
GDD
gdd07
gdd08
gdd09
GDD11
GDE
gdg
gdl
gdl weekly
gears
geo
geolocation
geoserver
getpaid
ghop
git
github
gmail
Gmail APIs
gnome
gnome women's summer outreach program
Go
goo.gl
Google
Google APIs
google apps
google apps api
google apps for your domain
google apps marketplace
google assistant
google assistant sdk
google buzz
google cast
google chart api
google checkout
google chrome
Google Cloud Messaging
Google Cloud Platform
google cloud storage
google code
google code project hosting
google code search
google code university
google compute engine
google data apis
google data protocol
google developer day
google developer days
google developers
Google Developers Academy
Google Developers Live
Google Developers site
Google Developers University Consortium
google docs
Google Docs API
google doctype
Google Drive
Google Drive SDK
google earth
google fit
Google Fonts
google friend connect
google gadgets
google gears
google grants
google health
Google I/O
Google Identity Platform
google io
google mashup editor
Google Noto fonts
Google Play
google play services
Google Science Fair
Google sheets
Google Sheets API
Google Slides
Google Slides API
Google Spreadsheets API
google storage
google summer of code
Google tech talk
google technoloy user groups
google tv
google visualization api
google wallet
Google Wave
google web elements
google web toolkit
google.org
google+
googlecast
googleio
googlenew
GooglePlay
googlewebelements googleio
GPE
GPT
green linux
grow
gsoc
GSuite
gtags
gtug
guest post
guice
gulp
GWSOP
gwt
gzip
hackathon
hacking
hackthon
hangouts
haproxy
hg
hibernate
howto
hpux
html
html5
I/O
I/O 17
I/O 2017
I/O Extended
I/O Live
ical
identity
ietf
ignite
igoogle
iguanas
iiw
Image Compression
image search
Imara
in-app payments
incubator
India
indie
internationalization
internet explorer
internet of things
interviews
IO17
IO2017
ios
iOS SDK
IoT
ipad
iphone
israel
Issue Tracker
jaiku
japanese
java
javascript
jetpack
joomla
joomladayus2007
joomladayusa
karaoke
KDE
KDE 4.0
kernel
kernel summit
keynote
khronos
kids
kids coding team
kml
korean
Krakow
labs
lanchpad
languages
latitude
launch
launchpad
lca
Leadership
lessons
licenses
linux
linux foundation
linux summit
linux virtual server
linuxconf eu
localization
LoCo
london
mac
MacFuse
machine learning
Makers
malware
maps
maps apis
Marketplace
material
material components
material design
MDL
meetup
mercurial
MIT CSAIL
mobile
mobile sites
mobile speed
mobile UX
mod_pagespeed
Moderator
monetize
MOOC
mozilla
mylar
myspace
MySQL
mythtv
named
narratives
native ads
native client
nearby
netbsd
non-profit
nonsense
nosql
notifications
Noto Serif CJK
nss
O3D
oauth
OAuth playground
OAuth2
objective-c
OCaml
ocr
ODF
office hours
oha
OOXML
open data
open source
open source blog
open web
openajax alliance
opengl
openid
opensocial
openssh
openssl
oreilly
orkut
oscon
oscon2007
osi
oss devs
ossjam
osx
pactester
page speed
PageSpeed
palette
payments
performance
phone
photos
picasa
picasa web
places API
play services
playground
plone
plone sprint
podcast
polymer
Polymer Summit
portugal
posix
PowerMeter API
prediction api
preview
prizes
programming
Progressive Web App
project hosting
Project Loon
Project Tango
proximity
pubsubhubbub
PWA
py3k
python
python sprint
rails
random hacks of kindness
Rasberry Pi
reader
Remote Config
research
result snippets
Rewarded Ads
Rewarded Video Ads
rhino
Saatchi
salesforce
samba
sandbox
Santa Tracker
scalability
scholarship
Scratch
screencast
sdk
sdks
search
security
serif
service worker
sessions
Sheets API
shindig
shopping
Shoreline Amphitheatre
showcase
sidewiki
sign-in
silverstripe
sitemaps
sites api
sixapart
sketchup
Slides API
Smart Lock for Passwords
soap search api
soc
social
social graph
solaris
souders
spa2007
spdy
speakers
speed
speed tracer
standards
startup
startups
storage
Street View
student programs
students
stuff
subscribed links
subversion
summer of code
Sundar Pichai
SVG
sxsw
syndication
tasks API
Team Drives (new)
techmakers
templates
TensorFlow
TensorFlow Research Cloud
Test Lab
testing
themes
tool
tools
topp
training
tranparency
transit
translate
translation
tutorials
tv
ubiquitous computing
ubiquity
ubucon
ubuntu
Udacity
UI
unicode
unit test
Unity
Universal App Campaigns
unix
URLs
video
videos
Vim
virtual keyboard
virtual reality
visualization
VR
wattpad
Wearables
Weave
web animations api
web apps
web components
web designer
web exponents
web fonts
web performance
web platform docs
webfonts
webgl
webmaster
WebP
website optimizer
weekly roundup
WhiteHouse.gov
Who's at Google I/O
win
windows
windows programming
Winter of Code
Women Tech Makers
women techmakers
wtm
xauth
yahoo
youtube
zlib
zurich
ZXing
Archive
2017
Jul
Jun
May
Apr
Mar
Feb
Jan
2016
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2015
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
2014
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2013
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2012
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2011
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2010
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2009
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2008
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2007
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2006
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Feb
Jan
2005
Dec
Nov
Oct
Sep
Aug
Jul
Jun
May
Apr
Mar
Subscribe
Google
on
Follow @googledevs
Visit
Google Developers
for docs, event info, and more.
