There are a lot of similarities in the identity processing model between the AOL OpenAuth API's and the Liberty Alliance ID-WSF SOAP based framework (authentication tokens and multi-party transactions to name a few). The similarities are intentional. The goal has been to leverage the work done by the Liberty Alliance and other internet standards organizations, and apply it to the http-rpc space for which till now there hasn't been a “good” solution. While these API's only support AOL services, the model is extensible to other protocols (as Praveen mentions in regards to an extension to OpenID).
The basics for web developers are...
- At runtime
- requires both authentication and consent from the user before returning the authentication token
- requires user consent (can be remembered) before returning requested data
1. Get a provider id (called a developer key)
2. Request an authentication token
3. Invoke AOL identity based service
Much more detailed documentation is available at http://dev.aol.com/openauth.
Full disclosure: I work for AOL but not directly as part of the Authentication team.
Tags: Identity, AOL, OpenAuth, OpenID, Liberty Alliance, ID-WSF