Comments on: Blog posting delegation and third-party auth

By: Geekularity » Can OpenID be used for API Authentication?

Geekularity » Can OpenID be used for API Authentication? — Mon, 09 Apr 2007 19:19:47 +0000

[...] Orchard has an open discussion about using OpenID in a blog comment [...]

By: Ian McKellar

Ian McKellar — Mon, 12 Mar 2007 19:26:16 +0000

@l.m.orchard: in my experience the problems are with the formatting of the content (do blank lines turn into paragraphs, etc) and fragile post IDs (the upgraded wordpress and spammed all my friends on livejournal or planet problem). I'm not sure how to fix either of these problems but I think they're both problems Atom is attempting to solve...

By: l.m.orchard

l.m.orchard — Mon, 12 Mar 2007 19:01:45 +0000

@ian: Hmm, yeah, that does sound like the least complicated way to get outside content pulled into a blog without releasing the blog's login details. I know I've seen / used some WordPress plugins that do basically that, though I've not been happy with any of them yet. I should re-look into why that's been the case

By: Ian McKellar

Ian McKellar — Mon, 12 Mar 2007 18:44:46 +0000

@l.m.orchard: you don't need to just aggregate you can also import posts into your own store. We could come up with a cleverly confusing buzzword acronym like Atom Pull Publishing. You just periodically poll a feed and import the items. Actually, this is kind of what Google Reader is doing. They've even got a namespace in their atom for expressing the original id and the source feed. Perhaps I should write a drupal module.

By: l.m.orchard

l.m.orchard — Mon, 12 Mar 2007 17:58:35 +0000

@ian: Hmm, yeah, that probably does end up being the least onerous solution - just offer an aggregated feed of one's output. I do like the idea of auto-posting to a blog, though, for the sake of something sorta like daily backups to a system I control.

By: Ian McKellar

Ian McKellar — Mon, 12 Mar 2007 17:43:49 +0000

It seems to me that the ideal solution to this is to have your blog pull new posts from an RSS/Atom feed that's hosted by the service that is generating your content. Feedburner already has a half-assed implementation of this where they'll pull your delicious bookmarks and flickr photos into your burned feed.

By: l.m.orchard

l.m.orchard — Tue, 06 Mar 2007 18:04:57 +0000

Yeah, I figured making multiple accounts is a way to go when you've got your own install of something like WordPress. It kind of gets stymied, though, if you want the same thing for a hosted service like WordPress.com, Vox, TypePad, or LiveJournal where one account = one blog.

By: George Hotelling

George Hotelling — Tue, 06 Mar 2007 17:51:55 +0000

At first I had this great idea to build a blog posting proxy service that could grant access to your blog to different services by giving them different usernames and passwords and you could revoke them at any time and it would be great and everyone would be posting to everyone's blog all the time.

Then I realized I had put on complicator gloves and that it would be way easier to just add new users to my blog without a proxy service.

By: Kim Cameron’s Identity Weblog » Blog posting delegation and third-party auth

Tue, 06 Mar 2007 02:22:29 +0000

[...] at 0xDECAFBAD (…t’s all spinning wheels and self-doubt until the first pot of coffee) expands on the idea [...]

By: l.m.orchard

l.m.orchard — Mon, 05 Mar 2007 22:48:24 +0000

Not really, unless I don't entirely understand OpenID.

OpenID offers way to authenticate yourself. However, what I want is an easy way to delegate your access to 3rd party apps, without those apps being able to authenticate as you or performs actions outside of the permissions you approve. I don't really want Flickr Uploader, Ecto, MarsEdit to be able to use OpenID to login as me with carte blanche.

With a token-based system like Flickr has, I can approve delegation to various apps and revoke their access at any time - without ever releasing my login details.

By: fluffy

fluffy — Mon, 05 Mar 2007 22:40:26 +0000

Wouldn't openID be a better candidate for this?