OpenID Requirements

From Facebook Developer Wiki

Revision as of 22:42, 26 June 2009 by Pete Bratach (Talk | contribs)
(diff) ←Older revision | Current revision (diff) | Newer revision→ (diff)
Jump to: navigation, search

Facebook is an OpenID relying party, supporting automatic login.

This article describes what Facebook needs from an OpenID provider.

OpenID Requirements

We are fully compatible with the spec, although there a few edge cases that Facebook does not yet support.

  • OpenID 1.1 providers are not supported, including AOL. We do support OpenID 2.0 providers only.
  • XRI is not supported at this time.

Immediate Mode

OpenID authentication works in two modes: checkid_setup and checkid_immediate. When a request is made in immediate mode (checkid_immediate), then the provider will return with a "yes" or "no" response immediate. If the user is both logged in to his or her provider and has previously authorized the website, then the provider should return "yes", thus letting the user log in.

For various reasons, several providers don't support immediate mode. Therefore there's no way to support automatic login for those providers. Notably, both Myspace and Yahoo do not yet support immediate mode.

Feedback

If you run your own provider, we would love to hear from you. If you try it out and it doesn't work for whatever reason, please file a bug or post on the developer forum and we'll look into it.

Retrieved from "http://wiki.developers.facebook.com/index.php/OpenID_Requirements"
reference