Joe,
What you are looking for is something *loosely* like a
cookie. No, OAuth does not have that type of feature. As you might well
know, usually this is done via client side cookies or plain login. Most
probably, I am missing something - maybe we can explore further if we
know more about the specific application requirement. Also guaranteed
unique permanent id is not that easy, especially across distributed
systems.
Having said that OAuth has place holder for
domain/application specific parameters where one could possibly embed a
permanent identifier. As John mentioned, an OAuth extension
specification could be a good idea.
Cheers
<k/>
From: [email protected] [mailto:[email protected]] On Behalf
Of Chris Messina
Sent: Tuesday, December 23, 2008 12:10 PM
To: [email protected]
Subject: [oauth] Re: Confused about oauth
I can't give you a technical answer for this, but no, OpenID does
identity (and claimed identifiers), whereas OAuth substitutes a token
and consumer key for username and password.
That said, you essentially identify requests by the consumer key, and
allow them through if they're signed with the proper access token.
The combination of the two more or less (given my rudimentary
comprehension of how this all works) gives you a way to identify
requests and who they're coming from, but not in the same way that
OpenID is intended for verification of long-lived/durable identifiers.
Hopefully someone more technical can correct me if I'm wrong.
Chris
On Mon, Dec 22, 2008 at 6:12 PM, Joe Bowman <[email protected]>
wrote:
I'm interested in using oauth for a site I'm working on, but I'm a bit
confused about one thing. Does the oauth protocol return some sort of
permanent identifier for the user I can store locally? That way I can
create site specific profile information for the user, and every time
that they log in using oauth, I will get something I can compare my
database data to, to identify the user if they've already logged on
previously?
--
Chris Messina
Citizen-Participant &
Open Web Advocate-at-Large
Vote in the OpenID Board Election!
http://tr.im/vote_oidf
factoryjoe.com # diso-project.org
citizenagency.com # vidoop.com
This email is: [ ] bloggable [X] ask first [ ] private
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"OAuth" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [email protected]
For more options, visit this group at http://groups.google.com/group/oauth?hl=en
-~----------~----~----~----~------~----~------~--~---
