Delegating OpenID to Your Google Account
February 26th, 2010
Earlier this morning I made a complaint on Twitter concerning how OpenID URLs are typically long and hard to remember – I was specifically referring to Google’s OpenID URLs. Sure, there are other providers available, and to be perfectly honest I have accounts with some of the more popular (WordPress, Yahoo, etc.), but my Google account is the one provider that gets used on a daily basis.
Chris Harrison brought me back on track telling me I should just use my own domain as my OpenID provider. Honestly, this required more effort than I wanted to exert but I started looking around for simpler solutions. As it turns out, there are two meta tags you can add to the header of your site (openid.server and openid.delegate) that will essentially “forward” any OpenID requests to your OpenID provider. This would allow me to make a quick change on my domain, not worry about maintaining the software that actually serves as the provider, yet still reap all the benefits.
Unfortunately, Google doesn’t support the openid.delegate meta tag…
Fortunately, one of Google’s very own App Engine demos does serve as an OpenID provider and allows you to delegate to their server. App Engine also allows developers to easily include authentication in their application by simply using the user’s Google Account – which is exactly what this demo application does. The end result: I authenticate with my Google Account to this App Engine demo and it serves up OpenID authentication on my domain’s behalf.
Check out the OpenID Provider demo and login to your account. After you’ve logged in the application will tell you what your OpenID URL is, which you could use on sites like StackOverflow to authenticate. If, on the other hand, you want to use your own domain as your OpenID URL, take this information, edit the HTML meta tags below, and toss them into the header of your very own website:
Edit: As Eric Harrison and Carsten Pötter mention within the comments, Google now supports OpenID on your individual profile pages. Check out John Panzer’s tutorial.
