OpenID Main Points
- OpenID is based on a simple idea: a user authenticates with an identity provider (IDP), who then provides the user with a unique identifier (called an OpenID). This identifier can then be used to authenticate the user with any website that supports OpenID.
- The OpenID standard provides a framework for the communication that must take place between the identity provider and the OpenID acceptor(relying parties)
- OpenID is decentralized authentication protocol.
- Main purpose is allowing users to authenticate with multiple websites using a single set of credentials, eliminating the need for separate usernames and passwords for each website.
How to use OpenID
Users need to create accounts by selecting an OpenID identity provider and then use those accounts to sign onto any website that accepts OpenID authentication.
OpenID is NOT for authorization, It is just used for Identity authentication. But why?
Because it don’t want to. Authorization is left to relying parties.