I'm reading conflicting reports of Facebook OpenID support. A Facebook blog post from 2009 states that they do, but apparently there is OAuth and Facebook Connect. Or do they only support other OpenID logins on Facebook itself? I have only used JanRain's RPXNow up to now, so integrating directly with OpenID is new to me.
As of December 2010, does Facebook support OpenID logins on external sites with a Facebook account?
Facebook is an Relying Party, so you can sign in to facebook using an OpenID.
Is is not a provider, however, so you can't sign in to other websites using your facebook account - at least not using OpenID.
Facebook is not an OpenID provider. There is no OpenID from Facebook you can use on other pages to login. But there are some third party servers that work as proxies. You connect them to Facebook and they provide an OpenID. In the end you have an OpenID if you are logged into Facebook.
Facebook is not even an OpenID customer. There is no page where you could enter your OpenID to login on Facebook.
Yes, you can set up OpenID providers, Google or some other services as so called "Linked accounts". They promise: "If you are logged into one of the accounts below you will automatically be logged into Facebook." But it does not work and it technically can not work as long as Facebook does not ask for the OpenID.
Related
Can someone confirm whether Facebook Login API (https://developers.facebook.com/docs/facebook-login/v2.2) is based on OpenID Connect (http://openid.net/connect/) specification?
No it isn't at the moment. Uses OAuth2 (also used by OIDC)
This page
https://developers.google.com/identity/
states that the "Google Sign-In" secure authentication system "gives you ... federated sign-in with ... Facebook".
Google Sign-In is based on OpenID Connect.
I am not sure if the actually answers your question in the affirmative because the rest of the page only talks about signing in with Google.
I registered with facebook longback using my email ID xxxxxx#hotmail.com.
Now I added my gmail ID xxxxxx#gmail.com
I want to use OpenID for logging into facebook - first I want to log into my gmail using my gmail ID and gmail pasword, then I open facebook in a new TAB (in the same browser) it should not ask for my facebook username & Facebook password.
But it is not working in my case, even after logging in gmail, facebook is asking for facebook user ID and facebook password.
Can you please help with the right procedure for using openID (i.e. gmail login with gmail user credentials for facebook).
I do not think that Facebook supports OpenID login. You either can use OpenID for Google Account or use Facebook's own login scheme and perhaps OAuth too.
https://developers.google.com/accounts/docs/OpenID
https://developers.facebook.com/docs/concepts/login/
https://developers.facebook.com/docs/reference/dialogs/oauth/
I'm confused about facebook and whether or not facebook is an openid provider like google.
According to this link: http://developers.facebook.com/blog/post/246/, facebook is an openid relying party. What does that mean, and is that different from an openid provider like google.
Basically, I am currently using lightopenid to allow users to use their openid's to log into my site, but can't seem to find a url for facebook's openid authentication to do this.
I have seen a question similar to this which confuses me because in that question, the questioner was told that facebook is not an openid provider, yet facebook documentation says something that facebook is a openid relying party...???
Facebook is an OAuth provider. You need to use OAuth if you want to allow Facebook users to authenticate against your service.
Being an OpenID Relying Party means that Facebook accepts OpenID logins from their users, e.g. you can log in to Facebook with your Google account. Your service is also a Relying Party if it allows users to authenticate using their OpenIDs.
For more information on the terminology used by OpenID, see the OpenID Wikipedia article.
We are using Echo (aboutecho.com) so that users can add comments by logging in through Google, Yahoo, AOL, and OpenID. Echo does this by using JanRain.
All is well except Facebook is missing, but to add Facebook login, we need to change the Facebook app's Base URL to oursite.rpxnow.com (rpxnow is JanRain's website)
It works except, is it true that the website's existing method of using Facebook Connect to log user's in will stop working? Because the existing Facebook login need to match our domain, such as www.oursite.com, as registered in the Facebook app setting, but JanRain also wants to change that to oursite.rpxnow.com? Since Facebook can only accept one domain, it will choke on one or the other? thanks.
If you are using Janrain Social Login(Engage) then you will be replacing the Facebook Connect method with the Janrain authentication method.
When you use Janrain Social Login you will get back a Janrain Social Login oAuth token. This token can be used to retrieve the user's normalized payload of data from the successful authentication event through thisAPI endpoint: (https://{your-engage-domain.com}/api/v2/auth_info). There are code samples for this on the Janrain website.
This payload will contain the oAuth token for the user's Facebook authentication that you can use to perform additional calls against the Facebook API.
Janrain Social Login also supports this API Call: (https://{your-engage-domain.com}/api/v2/add_or_update_access_token) which allows you to use a token generated using Facebook Connect (assuming you are using the same Facebook Application ID for both Facebook Connect and the Janrain Social Login) and add or update the Facebook token stored by Janrain's server.
Referencing Is Facebook an OpenID provider? here. This is kind of an additional question based on it.
I have also read the article at : What is the "openid" url of facebook? - but I am still pretty confused on the whole ordeal. The goal is for people who use facebook to easily login to our website, not to neccessarily integrate with facebook and add things to it (yet). I have read the documentation on facebook connect and am still having trouble grasping exactly what we need to do to accomplish this.
I notice that it says that facebook accepts openid logins - so in theory someone with a facebook account could login to a site that took other openid logins, correct? Or do I have to code a separate 'facebookconnect' system just to accept logins from facebook accounts?
There is a difference between an OpenID provider (who gives you a URL you can log into other sites with) and an OpenID consumer (who lets you log into their site using an OpenID URL).
Someone who "accepts openid logins" sounds like a consumer, but your description "someone with a facebook account could login to a site that took other openid logins" is describing a provider.
There's nothing stopping a site being both a consumer and a provider, but as far as I know, Facebook isn't one.
You have to code a separate "Facebook Connect" system just to accept logins from Facebook accounts, they do not use the OpenID standard.
RPX is a commercial service that offers a way to cut down on some of the confusion.