Google Combines OpenID and OAuth in new Hybrid Protocol

Andres Ferrate, January 30th, 2009

Google OpenID and OAuth: Together at LastGoogle is making it even easier for developers wishing to implement OpenID with the OAuth. Google has announced that developers can now utilize a “Hybrid Protocol” that combines the OpenID federated login with the OAuth authorization process. The new OpenID OAuth extension makes it easier for developers to implement OAuth through initial authentication using OpenID. According to Yariv Adan on the Google Data APIs Blog:

We are happy to announce an important enhancement to our recently launched OpenID endpoint. Google now supports the “Hybrid Protocol“, combining OpenID federated login together with OAuth access authorization. Websites can now ask Google to sign-in a user using their Google Account, and at the same time request access to information available via OAuth-enabled APIs such as the Google Data APIs.

For example, the website www.Plaxo.com is an early adopter of the new service and has already released a beta version supporting it for some of its new users. Plaxo’s UI provides both a richer sign-in offering, using the Federated Login OpenID API, and a simple and secure way to import their Google Contacts using OAuth. In the past, sign-in required multiple redirects between Plaxo and Google, and more importantly, multiple user approval pages, one for OpenID during sign-in and another for the OAuth access authorization request. No more!

Plaxo OpenID

We encourage you to check out the Plaxo OpenID-based sign-in to get an idea of how the new protocol has been implemented. Google has provided plenty of documentation and examples with this latest release, including a draft specification of the OpenID OAuth Extension, a sample implementation of the new protocol, a Google Groups page dedicated to the topic, and a Google Code project page (complete with source).

Hybrid Example

ReadWriteWeb, Plaxo, VentureBeat, and TechCrunch all have additional coverage on the news.

Both comments and pings are currently closed.

10 Responses to “Google Combines OpenID and OAuth in new Hybrid Protocol”

January 30th, 2009
at 12:39 pm
Comment by: Google lance son offre concurrente à Facebook Connect | FredCavazza.net

[...] Face à une telle révolution (quel confort pour l’utilisateur), la réponse de Google ne s’est pas fait attendre. Et fidèle à sa réputation, Google nous propose une solution à la pointe du raffinement technologique avec un protocole hybride qui repose à la fois sur OpenID et sur OAuth (respectivement pour l’authentification côté utilisateur ou pour l’authentification sécurisée côté API) : Google Combines OpenID and OAuth in new Hybrid Protocol. [...]

January 30th, 2009
at 3:29 pm
Comment by: Google Likes OAuth and 15 Resources to Get Started! - WebServiceable

[...] caught wind of OAuth through Yariv Adan on the Google Data APIs Blog via the almighty ProgrammableWeb, and I’m excited to see what happens [...]

February 2nd, 2009
at 3:14 am
Comment by: Enlaces del 02-02-09 | evelio.info

[...] Google Combines OpenID and OAuth in new Hybrid Protocol [...]

April 21st, 2009
at 3:58 am
Comment by: Ideal » Archive du blog » Google lance son offre concurrente à Facebook Connect

[...] Face à une telle révolution (quel confort pour l’utilisateur), la réponse de Google ne s’est pas fait attendre. Et fidèle à sa réputation, Google nous propose une solution à la pointe du raffinement technologique avec un protocole hybride qui repose à la fois sur OpenID et sur OAuth (respectivement pour l’authentification côté utilisateur ou pour l’authentification sécurisée côté API) : Google Combines OpenID and OAuth in new Hybrid Protocol. [...]

May 14th, 2009
at 7:57 pm
Comment by: Google Enhances OpenID API and User Experience

[...] new features available for its OpenID API. As some of our readers may remember, earlier this year Google released a “Hybrid Protocol” API that combines an OpenID federated login with OAuth access authorization. The API has been enhanced [...]

July 25th, 2009
at 5:39 am
Comment by: atlantica power leveling

The new OpenID OAuth extension makes it easier for developers to implement OAuth through initial authentication using OpenID.The new MMORPG of atlantica power leveling is hot now, we are providing the cheap atlantica power leveling service for you.

March 12th, 2010
at 6:32 am
Comment by: Activity Streams and OAuth: a social web architecture | Ben Werdmuller

[...] we’ll need the OpenID / OAuth hybrid standard, because we’ll be using OpenID to authenticate, and OAuth to power our decentralized [...]

December 15th, 2011
at 11:27 am
Comment by: Haus Kreditrechner

Hi! I know this is kinda off topic however , I’d figured I’d ask. Would you be interested in trading links or maybe guest authoring a blog post or vice-versa? My site covers a lot of the same topics as yours and I feel we could greatly benefit from each other. If you are interested feel free to shoot me an email. I look forward to hearing from you! Great blog by the way! Haus Kreditrechner

December 15th, 2011
at 12:35 pm
Comment by: Hauskreditrechner

I enjoy what you guys tend to be up too. Such clever work and reporting! Keep up the superb works guys I’ve incorporated you guys to my blogroll. Immobilienkreditrechner

December 12th, 2012
at 8:47 pm
Comment by: Dalia Fukano

The Zune concentrates on being Ugg Boots Sale a Portable Media Player. Not a web browser. Not a game machine. Maybe in the future it’ll do even better in those areas, but for now it’s a fantastic way to organize and listen to your music and videos, and is without peer in that regard. The iPod’s strengths are its web browsing and apps. If those sound more compelling, perhaps ugg boots outlet it is your best choice.

Follow the PW team on Twitter

ProgrammableWeb
APIs, mashups and code. Because the world's your programmable oyster.

John Musser
Founder, ProgrammableWeb

Adam DuVander
Executive Editor, ProgrammableWeb. Author, Map Scripting 101. Lover, APIs.