Home‎ > ‎

Overview of OpenIDSampleStores

Google has created a few websites that demonstrate log in systems which use an account chooser to support identity providers based on federated login techniques such as OpenID.
  • openidsamplestore.com/basic: Only supports identity providers that are email providers.  This requires much less work by the website owner then the next demo.
  • openidsamplestore.com/advanced: Supports identity providers who are not always the user's email provider.  These types of identity provider require much more work by the website as described below.
  • openidsamplestore.com/social: Extends the advanced demo to also support a local social graph on the site that allows users to follow people they find on the site, and to bring in their friends from their social network. Note: This demos social features can be slow, so sometimes you need to a wait a few minutes or just try again/
Frequently Asked Questions
What features of the site are interesting to test?
Here are videos of basic scenarios, and you can try out these scenarios yourself on the live website.
How does the advanced demo work for identity providers who are not E-mail providers, such as social networks?
The hardest part about designing the advanced site was to find a way to handle all the edge-cases that can happen with these types of identity providers.  Google previously published a summary of best-practices for account-linking that describes why these types of identity providers are so much harder to support.  However this demo
provides a user self-service mechanism for all the tricky cases to avoid the costs that a website might otherwise occur if those users contact a customer support representative. It is based on this summary of the logic for complex IDPs. Note: need to update that summary with a pointer to the open source code.

Here are videos of advanced scenarios, and you can try out these scenarios yourself on the live website: Note: all these videos need to be updated to use the new OpenCart advanced site.  Not sure if I should use Google as the IDP or a social network.  If I use Google, the videos need to explain why Google is a mixed provider and that not all Google accounts are gmail accounts.
How were the websites built?
They were built by taking a popular e-commerce website package, OpenCart, and then extending the login system using the Google Identity Toolkit. That toolkit is designed to help any website use an account chooser with identity providers.

Does a website have to use the Google Identity Toolkit to support this user experience?
No. There are many vendors who support OpenID as well as open source tools. The accountchooser.com site also has information on how a site can build its own account chooser.

Where can I send feedback/questions about the sample site?
Send email to openidsamplestore@googlegroups.com or view the archives of that mailing list
.
My identity provider is automatically logging me into the sample site.  How do I see the OpenID consent page again?
Most identity providers have a page in their account settings which allows a user to control the set of websites that they will be logged into automatically.  Below are links to those pages for some identity providers:

Yahoo Account Settings for OpenID

Google Account Settings for OpenID


I created an OpenID enabled account on the sample site.  How do I change the account to use a password instead?
Click the Account tab and login.  On the account management page click the “Change to legacy login” option to remove the OpenID association and add a password.

I created an account on the sample site.  How do I delete it so I can try the account creation flow again?
Click the Account tab and login.  On the account management page click the “Remove self from database.”

I keep forgetting where to find this FAQ, is there an easier way to find it?

Some of the sample videos use a gmx.com e-mail address as an example of an email that is not directly OpenID enabled. But doesn't GMX support OpenID?
Yes, GMX supports OpenID. However they are not one of the identity providers supported in the current sample site. We hope to add support for other OpenID enabled email providers in the future, including GMX.

Eric Sachs
Product Manager
Google
Comments