Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Implementing OpenID. Is there anything unique to identify the user?

Tags:

openid

I would like to implement user authentication using OpenID.

Is there anything unique in user data that OpenID provides that I could use as a key to remember and identify the users? I was thinking of using the email but the user could change it.

like image 705
Alex L Avatar asked Nov 17 '09 21:11

Alex L


1 Answers

The user's OpenID identity is what you should use for this purpose.

This is either the URL entered as an identity, or returned as claimed_id when available. In either case, actually store the identity only after a successful authentication.

Refer to section 7.2 and 7.3 of the OpenID 2.0 Specification for more information.

However, as pointed out by Stephen in the comments, you will need to generate an unique ID yourself if you want to associate multiple identities with a single user.

like image 178
Yang Zhao Avatar answered Nov 24 '22 06:11

Yang Zhao