[foaf-protocols] [OpenID] making OpenId RESTful

Story Henry henry.story at bblfish.net
Thu Jan 21 10:50:38 CET 2010

On 21 Jan 2010, at 09:07, Melvin Carvalho wrote:

>> A longer term and more scalable approach would be to define an Artifact
>> Binding for OpenID - where an artifact (aka a short token) is returned to
>> the RP in lieu of the AX data. The RP then makes a backend direct server
>> call back to the OP with the Artifact to get the actual data. Only the
>> artifact is sent on the browser redirect.

This sounds like what I was suggesting in "Making OpenId RESTful" [1] that started this thread.

Essentially the OpenId provider returns a URL where  more information about the user is located. This URL could indeed be a bitly url. 

> Interesting idea, though it adds another connection, it may be worth it.  In
> this case you could be agnostic of the data format, returning key/value
> pairs, FOAF/RDF or ATOM as necessary.

Indeed the web server at that URL can do content negotiation to serve back the URL most desired by the client (The Relying party in this case)


[1] http://lists.foaf-project.org/pipermail/foaf-protocols/2010-January/001477.html

More information about the foaf-protocols mailing list