How to determine the OpenID username when the identifier does not have a username?

Question

How to determine the OpenID username when the identifier does not have a username?

I am trying to implement openID on my site and read both Plaxo and questions about SO. Currently, I can authenticate my users with libraries. But I noticed that some suppliers, such as

Google: https://www.google.com/accounts/o8/id
Yahoo: https://me.yahoo.com

I am trying to implement a system similar to Plaxo, where I will have many-to-one relationships for the account. But how can I distinguish users using openID URLs as above? I see that even SO has a google and google profile separately. So, how do they identify the user when the user does not provide their username, or should I say a unique openID?

+4

openid google-openid

Abdel raoof Feb 03 '11 at 6:09

source share

2 answers

When you get an openid response, the "openid.identity" parameter will appear, which is unique to each account. This is a very long semi-random string, so it is not useful for displaying:

https://www.google.com/accounts/o8/id?id=AItOawnlHWwIas84v37...

You can try to create beautiful displayed bases for the username in the nickname field or in the local part of the email address if these attributes are provided. And since the last opportunity will ask the user.

+1

Hendrik brummermann Feb 04 '11 at 10:37

source share

Trevor johns · Accepted Answer · 2011-02-04T22:29:32+0000

OpenID is not intended to display a username on a provider. You are provided with a verified URL that serves as their identifying information, but this URL should be considered as an opaque string.

If you need this, you need to manually request the user or use the exchange of attributes (none of them are protected, BTW).

How to determine the OpenID username when the identifier does not have a username?

More articles: