Delivering Data Portability – Delegated Authentication SDK v1.0
Today the Windows Live™ ID team released the Delegated Authentication SDK v1.0, which provides a platform-neutral way for Web applications to access customers’ information from Windows Live services while customers remain in firm control of their own data. This release is part of a broader announcement of a whole set of releases from the Windows Live Platform team that are described by our boss David Treadwell in his blog posting today.
Windows Live Delegated Authentication is a feature that gives Windows Live ID customers the ability to consent to the scoped release of their personal information to particular Web sites in a reliable yet flexible manner.
Delegated Authentication is a way to grant access to personal information, but with more precise control over permissions and usage than the current binary decision (that is, fully on or fully off) that comes with the generally bad practice of handing over your account credentials to another Web site.
Simultaneously with the debut of Delegated Authentication, the Windows Live Contacts and Windows Live Photos teams have released updates to their services to use this new feature, enabling customers to permit other Web applications to access their photo albums or their Hotmail® / Messenger contact lists.
This is a big step in delivering real, user-centric data portability—giving Windows Live customers explicit control over releasing their information from Windows Live services and sharing that data with other applications that they want to use. The value of allowing software to access our personal data across multiple Web sites can be huge in terms of:
- Time saved—who wants to keep contact lists up to date manually across a number of different e-mail accounts?
- Possibilities created by combining data from different sources in new and innovative ways—for example, overlaying your friends’ latest home and work addresses with the details of your travel itinerary for an upcoming business trip could allow unexpected opportunities for reunions with people you haven’t seen for many years.
Windows Live Delegated Authentication is the strategic delegation platform for Microsoft Web properties, and is built on the proven, highly scalable technology used by the Windows Live ID authentication service.
Delegated Authentication is an evolution of the earlier prototype Cumulus PGUX Alpha release (a.k.a. Windows Live Data) seen at MIX07. The PGUX system will be phased out during the next six months, and during that time we’ll be working with any developers currently using the PGUX service to help them make the transition to the Windows Live ID Delegated Authentication system.
A white paper is available to provide a high-level overview of how Delegated Authentication works and how it can be implemented and used by Web application providers. More details are provided in the Delegated Authentication SDK documentation on MSDN®.
The SDK release includes sample applications for each of six different programming languages: ASP.NET, Java, Perl, PHP, Python, and Ruby. The use of this SDK is governed by the Windows Live Platform Terms of Service.
Delegated Authentication is the strategic programming model for consent-based data portability for all Windows Live services going forward. More Windows Live services will be releasing support for this feature in the coming months; the Resource Provider Directory shows the current list of Windows Live services that support Delegated Authentication and the status of each release.
Windows Live Delegated Authentication is both a powerful enabler of a new class of user-centered Web services, and also an opportunity for users to take back control of their own personal data and make informed decisions before releasing that data to other parties.
-- Jorgen Thelin, Senior Program Manager, Windows Live Identity Services
Some Typical Scenarios for Windows Live Delegated Authentication
Here are some scenarios that illustrate how Windows Live Delegated Authentication might be used.
- Social Networking Address Book – A social network site can synchronize a customer’s Windows Live Contacts list with his or her “friends” lists from other social networking sites, to ensure that the customer can keep e-mail and contact information updated as friends change jobs or move around the country.
- Family Photo Album – A family Web-site service could automatically retrieve the latest digital photographs from each individual family member’s personal photo-hosting account, to create an up-to-date snapshot of family activities.
Resources
- Understanding Windows Live Delegated Authentication white paper
- Windows Live ID Delegated Authentication SDK
- Windows Live ID Delegated Authentication SDK documentation
- Windows Live Platform Terms of Service
- Windows Live Delegated Authentication - Resource Provider Directory
- Windows Live ID - Development Support Forum
- Windows Live ID Developer Home Page
- Windows Live Contacts Developer Home Page
- Windows Live Photo APIs Developer Home Page
- David Treadwell’s Windows Live Platform Announcement blog posting
All replies
It's cool stuff. Very cool.
I've written a blog post about it, and made a test version based on work by Angus Logan. You can run my test (and download the source code) at http://wlid-da.alex-media-services.com.
If you're doing that and have any remarks - anything at all - feel free to e-mail me at alex@alex-media.nl.


