OpenID: - authentication protocol. The user is authenticated. OAuth - authorization protocol. The user authorizes a consumer in a manner that his/her credentials remain unknown for the consumer (application). So OAuth is a way for an application (web or desktop) to interact with an API of a service provider on a user’s behalf without knowing the user’s authentication credentials.
Regards, Zsombor On Dec 23, 2008, at 10:09 PM, Chris Messina wrote: > I can't give you a technical answer for this, but no, OpenID does > identity (and claimed identifiers), whereas OAuth substitutes a > token and consumer key for username and password. > > That said, you essentially identify requests by the consumer key, > and allow them through if they're signed with the proper access token. > > The combination of the two more or less (given my rudimentary > comprehension of how this all works) gives you a way to identify > requests and who they're coming from, but not in the same way that > OpenID is intended for verification of long-lived/durable identifiers. > > Hopefully someone more technical can correct me if I'm wrong. > > Chris > > On Mon, Dec 22, 2008 at 6:12 PM, Joe Bowman > <[email protected]> wrote: > > I'm interested in using oauth for a site I'm working on, but I'm a bit > confused about one thing. Does the oauth protocol return some sort of > permanent identifier for the user I can store locally? That way I can > create site specific profile information for the user, and every time > that they log in using oauth, I will get something I can compare my > database data to, to identify the user if they've already logged on > previously? > > > > > > -- > Chris Messina > Citizen-Participant & > Open Web Advocate-at-Large > > Vote in the OpenID Board Election! > http://tr.im/vote_oidf > > factoryjoe.com # diso-project.org > citizenagency.com # vidoop.com > This email is: [ ] bloggable [X] ask first [ ] private > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
