IconBuffet and Shopify add support for OpenID

Shopify » Please Log In

Two more announcements for OpenID adoption — but this time on the consuming side (as opposed to my originally incorrect report about WordPress.com — for now, they’re only serving as an identity provider).

The first is Shopify, a great Rails-based custom store application. As Alex points out, these guys really get it right — and make it super easy to create compelling marketplaces. And now, it’s super easy to log in with OpenID.

IconBuffet | Login

Meanwhile, IconBuffet has gone through a major overhaul, becoming something of a social network for … icon enthusiasts! (Sweet!) One of the more existing aspects of the relaunch (at least for me) is their use of OpenID: you can either create a new account with an existing OpenID (say, your WordPress.com blog URL) or you associate your existing account with an OpenID. Either way, they too’ve made it really easy to get going with OpenID.

I imagine that these won’t be the last of the increasing deployments of OpenID in the medium- to long-tail (read: not Google or IBM, but small business community). What’s so existing about these recent additions is their proximity to commerce — and how folks like Shopify could eventually weave a web service that allows you to check out — entirely by way of logging in to your OpenID provider. If you choose a good OpenID provider, you can start to see how the CardSpace metaphor makes sense — just like when you go out to eat and depending on whether it’s a business meal or a personal expense, you’ll use a different credit card to pay.

The same thing is true for OpenID — where you can have as many OpenIDs as you like and you can pick among them for different uses or purposes. It’s only a matter of time before I go to check out at IconBuffet, I login with my WordPress.com OpenID and I’m able to use credits that I’ve purchased on WordPress.com to pay for my icons — with no need to reach for the credit card, to fill in my address info or any of that ever again!

Now, if that doesn’t sound exciting, you might want to check your pulse. 😉

WordPress.com adds support for OpenID

Trust this site with your identity? -- WordPress.com

I think I might have jumped the gun on this one. Ok, I did. It seems that for now, WordPress.com is only an identity provider and not a consumer, meaning that you can use your WordPress.com blog address as an OpenID but you can’t yet log into WordPress.com with your OpenID. My bad.

In talking to Matt last Friday at the Adaptive Path party, I asked him when OpenID was coming to WordPress.com — the hosted blogging service — and he replied “Monday”.

Well, a day late but hardly a dollar short, WordPress.com has added bi-directional support for OpenID.

What this means is that you can both sign in to WordPress.com using your existing OpenIDs (making WordPress.com a “consumer”) as well as use your WordPress.com URL (for example, https://factoryjoe.wordpress.com) as an OpenID elsewhere, making WordPress.com an iDP or “identity provider”.

The FAQ entry is pretty descriptive and I’d recommend you take a look at it. WordPress.com now joins a growing array of service providers offering support for this grassroots-driven authentication protocol.

No word on when OpenID will hit core of the WordPress project, but there are already two great efforts driven first by Alan Castonguay and more recently Will Norris — which point to a positive future between the two open source initiatives.

Fixing Error 412 and Precondition failures in WordPress

Apparently mod_security is really aggressive around certain words (like in my previous post). To get around this, add SecFilterEngine off to your .htaccess file. You might not want to leave that snippet in there long, since it disables the security check, but if you find WordPress denying you the ability to post, it’s worth a shot.

Gems from Matt