How do I use more than one OpenID? [closed]

Question

I have more than one OpenID as I have tried out numerous. As people take up OpenID different suppliers are going to emerge I may want to switch provinders. As all IDs are me, and all are authenticated against the same email address, shouldn't I be able to log into stack overflow with any of them and be able to hit the same account?

Answer 1

I think each site that implements OpenID would have to build their software to allow multiple entries for your OpenID credentials. However, just because a site doesn't allow you to create multiple entries doesn't mean you can't swap out OpenID suppliers.

How to turn your blog into an OpenID

STEP 1: Get an OpenID. There a lots of servers and services out there you can use. I use http://www.myopenid.com

STEP 2: Add these two lines to your blog's main template in-between the <HEAD></HEAD> tags at the top of your template. Most all blog engines support editing your template so this should be an easy and very possible thing to do.

Example:

<link rel="openid.server" href="http://www.myopenid.com/server" />  
<link rel="openid.delegate" href=http://YOURUSERNAME.myopenid.com/ />

This will let you use your domain/blog as your OpenID.

Credits to Scott Hanselman and Simon Willison for these simple instructions.

Switch Your Supplier

Now that your OpenID points to your blog, you can update your link rel href's to point to a new supplier and all the places that you've tied your blog's OpenID will use the new supplier.

Answer 2

In addition to the meta tag sample by Otto, you should be aware whether your provider supports OpenID 2.0 (there are numerous improvements). If it does use meta tags as the following:

<link rel="openid2.provider" href="http://www.loginbuzz.com/provider.axd" />
<link rel="openid2.local_id" href="http://example.loginbuzz.com/" />
<link rel="openid.server" href="http://www.loginbuzz.com/provider.axd" />
<link rel="openid.delegate" href="http://example.loginbuzz.com/" />

A good idea would also be to use secure links, but this could limit some relying parties from signing in. This could however be solved by providing a XRDS document.

The really neat thing about XRDS is that you are able to specify multiple providers in this document. Say you have a bunch of different accounts all with different providers supporting different extensions. The relying party are then able to select the best match by itself. In the XRDS document you could also specify multiple URLs for each service, so that https is used when appropriate.

I would also recommend buying an i-name as it by design is more secure (the canonical ID - the i-number - associated with an i-name belongs to you even if the i-name expires).