We're using an API from a provider; in their next version, they would provide an OpenId server but mostly the users are using their desktop application. An other website we're building would be opened from this application and we supposedly would connect with openid to access the resources stored in this provider.
Still I don't understand how this would work if user is already authenticated with the desktop, will they have to authenticate an other time ? What happens if they close their browser and reopen it, will they have to to do it again ?
OpenID and desktop apps are totally completely and altogether incompatible. You cannot secure a desktop app using OpenID.
Look at OAuth. It can work with or without OpenID, but OAuth is all about authorizing apps including desktop apps to access network resources.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With