On Apr 16, 9:52 am, Doug Williams <[email protected]> wrote: > Matt has deployed our answer for one click login. It requires only a small > change to the normal Twitter OAuth workflow and is documented here: > > http://apiwiki.twitter.com/Sign-in-with-Twitter > > This is the perfect tool for web applications wanting to offer users the > ability to sign in with a Twitter account and a single mouse click. We want > to see it in the wild so please let us know if you roll this out in your > application. >
Hi Doug, Signing into websites using your Twitter account is an awesome idea, Twitter accounts would make fantastic portable identities that can be used to sign into 3rd party sites. Most sites using using Facebook Connect or OpenID really just want your profile, follower graph, and the ability to receive viral referral traffic by writing to your activity stream. OAuth is great for 3rd party applications that are built on top of Twitter, however, I'm not sure if it's appropriate to use OAuth token for Signing In to a website, because it allows that site to spam your followers by tweeting on your behalf. Using OpenID is safer for Sign- in, because OpenID would allow Twitter users to verify their Twitter identity, and share their Twitter Profile and Follower Graph (by scraping the microformats on the Twitter Profile Page), without having to authorize access to their Twitter account. If Twitter users sign in with OpenID, 3rd party sites could still generate viral referral traffic by giving users a UI to preview and approve the tweet, by opening a modal dialog or popup that reuses the user's twitter browser session to tweet. Allen
