Latest Articles

Under the covers of OAuth 2.0 at Facebook

By
For the past three years, the Facebook Platform has been built on top of a session-based authentication system that many developers found complex. In order to make any API calls, you have to understand the details of signature algorithms. It’s a common source of problems for new developers using the Facebook Platform. We have been searching for a way to make

Where’s our country going?

By

It has been so frustrating lately watching the state of this country. I just read an article that made me laugh out loud, and seemed to articulate much of what has been…

OpenID

Lessons from Facebook Connect

By
Last week we finally launched Facebook Connect to the general public. In the time since I joined the team last May, I’ve definitely been surprised by a few things I thought I’d share. think big This time last year, I thought “Man, wouldn’t it be cool if Facebook became an OpenID provider? Maybe if we just
OpenID

I’m running for the OpenID board of directors

By
I’m running for the OpenID board of directors. I’m a little nervous, having never done any sort of political thing before. So let me try to answer some questions. Q. Cool! Can I vote for you? Anyone who is a member of the Foundation is eligible to vote. Membership in the foundation costs $25, and requires
OpenID

How to accept OpenID in a popup without leaving the page

By
For most sites that accept OpenID today, the user experience is one of two things: User is redirected to the OpenID provider, and then redirected back to the original site. This is the most popular one, but it’s a particularly jarring experience for the user. User is given a Javascript browser popup, but when the
OpenID

A proposal for a conceptual “Open Stack”

By
Last summer, John McCrea and Joseph Smarr put together a diagram of the “open stack”. The image showed up in numerous talks throughout last year, culminating in an Open Stack Meetup in December. Last week, Marc Canter sent an email asking for thoughts on crafting a new revision to the “open stack” graphic. I’d like to propose a
OpenID

Logout: the other half of the identity equation

By
This week, Facebook began accepting OpenID for single sign on. At the Internet Identity Workshop, many people raised a lot of questions about Facebook’s implementation, and in general the relationship between single sign in and sign out. In this post, I’ll argue that sign in is only half the battle; if we want OpenID to represent a
OpenID
Under the covers of OAuth 2.0 at Facebook
By
For the past three years, the Facebook Platform has been built on top of a session-based authentication system that many developers found complex. In order to make any API calls, you have to understand the details of signature algorithms. It’s a common source of problems for new developers using the Facebook Platform. We have been searching for a way to make
Personal
Geeks in Vegas? Woot!
By
Last week, Facebook sponsored the TopCoder world finals in Las Vegas. I was lucky enough to go and hang out for a few days with some of the world’s best coders, and it was a fantastic experience. Sadly, I didn’t bring a camera, so I’m linking to these pics from the Flickr photostream. TopCoder is the world’s premier
OpenID
Logout: the other half of the identity equation
By
This week, Facebook began accepting OpenID for single sign on. At the Internet Identity Workshop, many people raised a lot of questions about Facebook’s implementation, and in general the relationship between single sign in and sign out. In this post, I’ll argue that sign in is only half the battle; if we want OpenID to represent a