: Facebook connect vs. OpenID I just started working on a new project that has a general login feature. One suggestion in a meeting was to look into Facebook Connect or OpenID as an alternative.
I just started working on a new project that has a general login feature. One suggestion in a meeting was to look into Facebook Connect or OpenID as an alternative. I'm curious if there's one that has less of a learning curve, or if they can both be used on the same site.
Also, when you use either, do you have them initially create the account and just get a verify True/False back that you then use to set up a local user account? I what about forgotten passwords? I'm kind of curious as to best practices for integrated this type of login with a "traditional" one where you store the user info yourself.
Thanks,
D
More posts by @Vandalay111
2 Comments
Sorted by latest first Latest Oldest Best
The best approach is a combined one
Using only Facebook Connect alienates those without a Facebook account.
Using only OpenID alienates those who don't understand OpenID (i.e. most non-technical folk).
Using only a simple username/password login system alienates those who don't like to keep separate usernames and passwords for each and every site, or who've long given up filling forms and registering for services the 'traditional' (slow) way.
So it makes sense to offer Facebook Connect and OpenID and a regular username and password -style login system whenever you can if you want to increase likely sign ups.
Third-party services can make implementation easier
To implement this without losing hair, I suggest a service such as Engage from Janrain or Social Login from Gigya, who both offer social login systems that work alongside vanilla username/password ones. You need not be familiar with OpenID or Facebook Connect -- Engage does that for you and provides a plug-and-pray-style interface for you to add to your site.
Accounts are managed externally
As Paul rightly says, the social service or OpenID provider deals with forgotten passwords -- you're 'borrowing' their login system to add a user to your site, but the account management for the user still occurs on the third-party site. If a user changes their password on Facebook, for example, they need not do anything on your site; they just login via Facebook again and they're logged in on your service too (and everywhere else that uses Facebook Connect).
Profile information is shared with you
When a user signs up on your site via a third-party service (e.g. Facebook) you can pull in data from the user's profile on that service to store in your own database, for example. The data you have access to depends on the user's privacy settings and the service. Janrain have a full list of profile data that you get access to depending upon who the user signs up with.
There's a good discussion of the pros and cons of Facebook or OpenID here:
Should I support facebook login or openid login?
Both Facebook and OpenID allow the passing of extra information - e.g., see this Facebook article: developers.facebook.com/docs/plugins/registration/
That plugin will also allow you to use your own registration system too.
If you use one or the other, or both, forgotten passwords are not your problem, but are dealt with via Facebook or the OpenID provider.
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.