background November 26, 2009

Google Offers Named OpenIDs

I love Google — and I’m not just saying that because they deliver 90% of our traffic and more than 60% of user OpenIDs, I swear. But I am a little bitter that their OpenID support has two major flaws which cause us a great deal of ongoing pain: Google’s OpenIDs are domain specific. The…
Avatar for Jeff Atwood
Co-Founder (Former)

I love Google — and I’m not just saying that because they deliver 90% of our traffic and more than 60% of user OpenIDs, I swear. But I am a little bitter that their OpenID support has two major flaws which cause us a great deal of ongoing pain:

  1. Google’s OpenIDs are domain specific. The very same gmail account, if you sign up on 5 different OpenID enabled websites, will result in 5 different random hash OpenIDs being generated. While this is probably OK in the general case (though still an exceedingly rare behavior among OpenID providers), it’s incredibly aggravating for us because we like to let users map their Stack Overflow, Server Fault, Super User, Meta, and Careers accounts to each other. And cross-site user mapping is a huge PITA when there is no common per-user identifier between those 5 sites. We have a workaround in place but it is not pretty, and I think writing it drove Jarrod to drink.

  2. Google’s OpenIDs are random hashes to the server. This means I have no idea if you used crazyman45@gmail.com, hellaleet@gmail.com, or lovezwafflez1@gmail.com to sign up with us. It is literally impossible for me to help you figure out which one you need to use to log in. All I can tell you is, “you used a gmail account”. Which one, I have no idea. And neither do you, apparently.

While there is certainly an argument for privacy to be made here, it sure would be nice to have the choice between a random per-site hash OpenID like …

https://www.google.com/accounts/o8/id?id=aitoaxleeuzwdizb1g2_wvnob5pwvx

And a stable, readable OpenID like …

http://www.google.com/profiles/your.name.here

Well, the good news is, now you can! Google just gave us a fantastic Thanksgiving Day present in the form of Google Profiles supporting OpenID. And with a Google Profile, you get to pick a named URL of your choice!

So, if you’d like to add a named Google OpenID to your account, here’s how.

First, log in as yourself. Go to your user page and look for the “add openid” or “change openid” link. (Note that we support up to two openids per account and you can change them at any time.)

so-openid-google-1

Since you’re already logged in you are adding a new openid. Enter your Google Profile URL in the area where it says “manually enter your OpenID URL”, and click Login.

so-openid-google-2

You’ll get redirected to Google where you can OK the use of your OpenID by our website.

so-openid-google-3

You’ll get redirected back to us, and we confirm that yes, indeed, you do want to add this OpenID to your account. (In case you’re wondering, this confirmation is required — otherwise clicking a single evil link could automatically and silently add a new, rogue OpenID to your account effectively owning you.)

so-openid-google-4

Now you’re back on your user page — note the newly added OpenID on my account. And if I want to change it, I can just click “Change OpenID” any time I want.

so-openid-google-5

The only thing that throws a monkey wrench into this process is when you have a single OpenID provider and that provider either changes their string format, or goes belly-up. Don’t worry, both cases are fixable, but it requires emailing us. Still, I highly recommend having two different OpenID providers associated with your account at any given time.

Kudos to Google for rolling out named OpenID support in the form of Google Profiles. While you can of course continue to use the existing Google OpenID support, if you plan to use multiple ‘stack sites (or Stack Exchange sites) I assure you that your life will be much easier if you pick a stable, named Google OpenID rather than relying on the default random hashes.

Podcast logo The Stack Overflow Podcast is a weekly conversation about working in software development, learning to code, and the art and culture of computer programming.

Related

code-for-a-living May 17, 2021

Incremental Static Regeneration: Building static sites a little at a time

There are a lot of opinions out there about how to improve and scale sites “beyond the Jamstack” by adding in features that use a Node server in addition to the pre-built pages. One of those features is called Incremental Static Regeneration. Some people call it “hybrid web development” (or “hybrid serverless + static”) but let’s talk a bit more about what that means.
Avatar for Cassidy Williams
Principal Developer Experience Engineer at Netlify, Co-curator of The Overflow