OpenID, a technology that allows users to sign in to new supporting websites through a single trusted ID provider of their choice, is notoriously hard for non-developers to implement and in many cases use. One of the biggest challenges may have been eliminated, however, by the recent release of a new service called MyOpenID for Domains.
The service makes it remarkably easy for anyone to create OpenID accounts through their own domain, using the MyOpenID authentication service.
For example, my new OpenID is http://openid.marshallk.com/marshallk, based on my personal site marshallk.com. It was really easy to set up and now I can offer other users of my site their own marshallk.com OpenID as well. (Hi Mom!)
MyOpenID for Domains lets you set up OpenIDs in one of two formats: Wildcard subdomains like member.yourdomain.com or as a single subdomain + path like openid.yourdomain.com/member.
I chose the single subdomain plus member path because I want to be able to use other subdomains for other purposes.
It's really easy to set up either path. For my Wordpress blog I just filled out the form below, then I had to call my webhost (Bluehost - great customer service, terrible uptime) and ask them to make a small edit to my DNS record. I gave them this information:
Name: openid.marshallk.com
Type: CNAME
Value: www.myopenid.com
They made the change needed, basically setting up a redirect, in less than 5 minutes. Other hosts will let you edit your own DNS info. I then posted a page on my blog with a particular URL and a short code for MyOpenID to detect. That's it - I was done. Now I can use my own domain name as an OpenID. The next step was to make sure that my user identity page was looking spiffy.
If MyOpenID ever closes its doors, it will be easy for me to edit my DNS record back and keep my OpenID URL from becoming a 404 out of my control. I'll also now be able to verify that I am in fact the owner of marshallk.com.
This is the easiest way I've found to use my own domain name as an OpenID. There are other ways to do it but they've always given me far more trouble than they should. This service from MyOpenID is also an easy way to offer and administer OpenID accounts to other users of a particular website.
MyOpenID is a good OpenID provider. MyOpenID for Domains does require that you use their service in particular, however. There are many different OpenID providers offering many different advanced features. Check out SpreadOpenID.org for a comparison of many different providers.
As you can see below, my MyOpenID profile is now tied to my domain. All I need now is the ability to put HTML links in my summary info, display recent items in an RSS feed of my choice on this page and some other customization options. Then I'll be doing great.
Watch this space for more forthcoming news on big increases in OpenID usability.
Listed below are links to blogs that reference this entry: MyOpenID for Your Domain - The Easiest Way to Use Your URL as an OpenID.
TrackBack URL for this entry: http://www.readwriteweb.com/cgi-bin/mt/mt-tb.cgi/3785
Comments
Subscribe to comments for this post OR Subscribe to comments for all Read/WriteWeb posts
What a great way to easily let someone personalize their OpenID. I've criticized MyOpenID on a few points in the past (specifically, that the 'MyOpenID needs you to sign in' doesn't have a form or a link to sign in), but they've redeemed themselves with this feature.
The DNS part isn't as easy for all providers, and some don't even let you modify your DNS, which is kind of a roadblock. But for most people it will be almost painless. Also remember DNS takes a while to propogate, so your provider won't be available instantly.
Posted by: Matt King | April 17, 2008 12:43 PMWhat problems have people run into with the <link rel=...> method outlined in the Wired article? I've never had any issues with it, and thought it was relatively easy to set up, as well.
Posted by: Matt Gillooly | April 17, 2008 1:11 PMMatt, I wish I could remember what the problem with what seemed like a really simple method was. It was a couple of months ago and for some reason I ended up going back and forth over IM with some folks and we never could get the problem solved. Strange.
Posted by: Marshall KirkpatrickAnother way is to use Blogger. You can forward the Blog to your own domain or subdomain (you will need to change DNS setting as above to point to Google).
Posted by: abhilash | April 17, 2008 1:49 PMI thought that the beauty of openID was so that all us smaller websites could leverage the users of the larger providers (Yahoo, Google, .etc) without them having to create yet another account on my site! This seems incredibly backwards.
Posted by: Tyler | April 17, 2008 1:57 PMTyler, you'd do this if you wanted to use your own domain to login to all the different sites you use that support OpenID.
Posted by: Marshall KirkpatrickI managed to implement support for myopenid account over the weekend, I think its brilliant, if only the major sites would support OpenID consumer authentication, I hear a lot of warm words from the big companies about it, but they don't seem to have been active about it (with a few exceptions), and if anything, it appears that basically these firms want to support OpenID by acting as an identity provider, rather than as a consumer, and that's what seems to be annoying; they're not so much opening up, as claiming a standard for themselves.
Posted by: Paul Jensen | April 17, 2008 2:18 PMI forgot to add, I work for a web startup in London. When I first joined the company, I was tasked with implementing OpenID support into our site. It took about 2-3 days (which iwas a bit longer than it ought to have taken), but I managed to implement OpenID into the existing authentication system running the site, and this was from having just joined the company. What the hell is taking these large companies so long to implement the system?
Posted by: Paul Jensen | April 17, 2008 2:21 PMMarshall, great post. MyopenID has been my provider since day one and this new service looks easier than all the other "must know php and arcane hosting junk" that most OpenID implementation required even a few months ago. The WP plugin is coming along nicely as well.
Posted by: Dave Evans | April 17, 2008 2:27 PMnother way is to use Blogger. You can forward the Blog to your own domain or subdomain (you will need to change DNS setting as above to point to Google).
Posted by: http://persik.at.ua/ | April 17, 2008 2:44 PMI don't know all the details of how it works, but I am able to use http://www.aaronhockley.com as my OpenID url by putting four lines of HTML into my page header, which redirects the authentication to Vidoop, my OpenID provider.
That sure seems a lot simpler than editing a CNAME.
Posted by: Aaron B. Hockley | April 17, 2008 2:54 PMI've had a number of issues using delegation on certain openid accetping sites using my homepage with delegation to myopenid.com. I like this new feature. I wish you could just use your domain rather than having to use a subdomain. can't wait to test it out.
Posted by: michael lambie | April 17, 2008 3:19 PMIt's a good step for technically savvy bloggers but a non-event for the average Joe Blow user IMO. Try mentioning HTML (let alone DNS or domain) to them and you either get a blank stare or their eyes roll over. openID is still too geeky IMO.
Posted by: Bob Ngu | April 17, 2008 3:29 PMBTW, I selected the option of username.mydomain.com but only added the username I wanted to add as a CNAME, instead of *.domain; that way my OpenID can still be username.mydomain.com (which I think is more elegant) without giving OpenID all the subdomains.
Of course any new usernames you would have to add manually on the DNS, but for sites with a handful of users it works.
Posted by: Jorge Escobar | April 17, 2008 3:51 PMJorge, that's a great idea.
Posted by: Marshall KirkpatrickI use delegation for the same.
Posted by: thejeshgn.comI haven't had any problem so far using delegation to WordPress.com. There are so many of these OpenID providers, that I prefer using the one thing I know won't change...my own URL. If I have any trouble with the provider, it's just changing a few lines on my page without worrying about changing my login at all the sites.
Posted by: Judi Sohn | April 18, 2008 3:45 AMSome weeks ago I made a screencasts about te exact same subject. I found the use of your own url quite handy but ran into some difficulties with the use of different computers, usability and security. The screencastis in Dutch and the part about your ow url starts at 3:40 minutes...
Posted by: Freek Bijl | April 18, 2008 5:30 AMI like ClaimID's implementation better. Not everyone understands how to change the CNAME settings on a domain (and in a few cases, you actually have to contact your host).
ClaimID makes you add 2 (or is it one?) meta tags to your home page of your site/blog. Then you can just use yoursite.com and it'll redirect you to ClaimID to authenticate.
While ClaimID doesn't allow you to customize it much, it seems a lot easier for someone who just wants to use yoursite.com, not something.yoursite.com or something.yoursite.com/username.
Posted by: Chris Thomson | April 18, 2008 1:15 PMThe question I have is why the hell are you still using Bluehost for your web hosting, why don't you try someone reputable? Here are a few I'd take a look at:
www.medialayer.com
www.unitedhosting.com
www.asmallorange.com
www.cartikahosting.com
www.pair.com
www.doreo.com
www.rochen.com
Check any of those guys out and you should get much better service, I personally use medialayer to host some of my stuff.
Posted by: Ross | April 18, 2008 11:54 PMIf you want to be the most powerful in game, you should have the enough
Posted by: gfdg | April 20, 2008 7:10 PMWow gold then you can buy the best weapons, equipment, etc. But Farming
wow Gold is very boring and waste a lot of time.