OpenID has certainly gained widespread adoption over the last few years. However many companies are still hesitant to implement this standard as a consuming site (a relying party) because they either think it was too complicated at all or it was not worth the effort to upgrade their existing user base to OpenID.
The former problem can be easily solved with turnkey solutions like JanRain Engage or Gigya. Though if companies do not want to rely on third party solutions or need to upgrade their existing user base, there are hardly any tutorials or references available that explain the possible pitfalls or provide best practices.
Today (well, yesterday if you are living in Europe like me) Google released a demo site – it is a store – and accompanying material like videos, tutorials, and best practices that provide detailed explanations on how to become a relying party, match an existing user base with OpenID, and much more. Eric Sachs, product manager, Google Security, announced this on the OpenID mailing list today.
It is an impressive documentation and probably much time and effort went into it. I especially like that Google used an online store as an example because stores often lack the possibility to log in with third party accounts, although they are perfect examples that could benefit from them. So it comes as no surprise that the OpenID Foundation formed a Retail Advisory Committee earlier this year to address the needs of retailers that want to implement OpenID.
While I applaud the efforts of Google, it also becomes obvious that such a documentation was needed for quite some time. However no one was able to write such a detailed guide. The only reference I know of is Joseph Smarr‘s guide, written three years ago while he was still at Plaxo. It seems like it needs a big company with enough resources to help an independent, open source project to get direction and traction.