With the completion of OAuth Core 1.0, it was time to go back to what I was doing before – getting the Nouncer API ready. Like others, my interest in OAuth started with the plan to use OpenID as the user credential platform for the API. Now that OAuth is ready, I am going back to my initial objective of integrating the two (something I plan to write about in an upcoming post). Given that Nouncer is taking shape as a corporate solution rather than a consumer service, I’ve started questioning the need for OpenID. After all, it is not something you’d think about when discussing closed internal corporate identity systems.
But the more I thought about it, the more interested I got in the idea of using OpenID as an interoperability solution for integrating web-based systems in closed corporate networks. Instead of using expensive products and solutions, if more identity products will support OpenID – not as an open web identity solution – but as an API to their user credentials, the easier it will become to take existing web services and redeploy them for private consumption in a corporate network.
I think there is an opportunity here for someone to build products that add OpenID support to any Linux or Windows server using the server existing user credentials system. Single-sign-on products for the corporate world are expensive and complex, especially when used in publicly traded companies. OpenID has the potential of fixing a problem that is almost the opposite of what it was created for – making closed systems better.