Many people have asked recently about the status of the Windows Live® ID community technology preview (CTP) OpenID endpoints, so here is a quick update. We gathered a lot of great feedback during the OpenID CTP period, and we have fed that into our team's OpenID product plans. Thanks to everyone who provided input—you have directly impacted the product! The Production release of Windows Live ID's OpenID Provider support will look significantly different from the CTP version, so we are in the process of closing the OpenID CTP endpoints to avoid any confusion. Currently, we do not have a schedule that I can publicly share for when we will release full Production support of OpenID for Windows Live ID users, but rest assured that we are working actively to provide OpenID functionality to all of our 500+ million Windows Live ID users! Background: Our Approach in the CTP A major characteristic of our OpenID Provider (OP) CTP was the attempt to use an account alias as both a “vanity URL” as well as a defense mechanism to help protect against phishing attacks. In the CTP, Windows Live ID users were required to create an OpenID alias (such as “http://openid.live.com/john”) attached to their account, and then to use that alias not just at the OpenID relying party site, but also as the way to identify themselves to the Windows Live ID OP. When arriving at the OP sign-in screen, users were required to enter their OpenID alias (instead of their normal Windows Live ID user name) plus the password (or one of their other associated credentials, such as an Information Card) from their main Windows Live ID account. Why this approach? One of the main things we were (and still are) trying to do with the Windows Live ID OP is to provide as much protection as possible to our Windows Live ID users against phishing attackers who use OpenID. OpenID does not support a network sign-out function as part of its protocol, w

Windows Live ID Commits to Support OpenID Beginning today, Windows Live™ ID is publicly committing to support the OpenID digital identity framework with the announcement of the public availability of a Community Technology Preview (CTP) of the Windows Live ID OpenID Provider. You will soon be able to use your Windows Live ID account to sign in to any OpenID Web site! The Windows Live ID OpenID Provider (OP) enables anyone with a Windows Live ID account to set up an OpenID alias and to use that alias for identification at an increasing number of OpenID 2.0 relying party sites—for example: Plaxo, Pibb, StackOverflow.com and Wikispaces. What is OpenID? The official answer from the OpenID Foundation (the guardians of the OpenID specs) is that “OpenID is a fr

There will be lots of the great sessions at the the Microsoft Professional Developer Conference (PDC) in October and the Windows Live Platform crew will be there in force to share all the latest goodness we have been working on during the last few months. You can expect some very interesting announcements at PDC that will be of great interest to anyone developing cloud applications.... Jorgen Thelin will be there this year presenting a session about the wealth of Windows Live ID Identity Services functionality that developers can use to enable Windows Live / Live ID services to be integrated into their web sites and applications. Session BB22 - Live Platform: Identity Services The Live Platform enables developers on any platform to choose the identity integration model that best enables their scenarios, including: web or client authentication, delegated authentication, or federated authentication. Learn how to build seamless, co-branded, and customized sign-up and sign-in experiences.

Today the Windows Live™ ID team released the Delegated Authentication SDK v1.0, which provides a platform-neutral way for Web applications to access customers’ information from Windows Live services while customers remain in firm control of their own data. This release is part of a broader announcement of a whole set of releases from the Windows Live Platform team that are described by our boss David Treadwell in his blog posting today. Windows Live Delegated Authentication is a feature that gives Windows Live ID customers the ability to consent to the scoped release of their personal information to particular Web sites in a reliable yet flexible manner. Customers grant (or withhold) consent by means of a straightforward user interface, as shown here: Delegated Authentication is a way to grant access to personal information, but with more precise control over permissions and usage than the current binary decision (that is, fully on or fully off) that comes with the generally bad practice of handing over your account credentials to another Web site. Simultaneously with the debut of Delegated Authentication, the Windows Live Contacts and Windows Live Photos teams have released updates to