It's a shame that old OpenID was killed in favour of OpenID Connect. With OpenID I was able to log in to LiveJournal using an OpenID implementation running on my own domain. With OpenID Connect I can only log in with a blessed set of providers. Centralization sucks.
I am very surprised by this. I have successfully and interchangeably connected to many OpenID Connect providers, all without any issues. Providers like Azure, Ping, Okta, Auth0, ….
I would never advise anyone to write their own code to integrate with OpenID Connect.
An open source solution pre-built from professionals like Ory Kratos or Keycloak saves you a lot of time and pain. https://github.com/ory/kratos https://www.keycloak.org/
A solution I've been using and really enjoy is Hellō [0]. Basically I can integrate Hellō as the OIDC provider on my site (doing it on WordPress and Discourse for now but it can work for other sites) and then people log in to their Hellō wallet and then that logs into my site. Hellō manages the social logins so I don't have to worry about adding a bunch of them (and update when new ones come out). It's also run as a cooperative, so I appreciate the business model behind it. [0]: https://www.hello.coop
Is the current state of affairs any better for SAML identity providers? I need to integrate SSO into our app and am also worried about having to write custom code for every identity provider we want to support.
I've had pretty good experiences with Azure Active Directory's flavour of OpenID Connect. Multiple callback URIs are supported per app registration.
Disappointing to hear that the ecosystem has fared that poorly. Are there really no companies doing this that aren't part of "surveillance capitalism"? When it first came out, I seem to recall that Norton was one of the companies offering OpenID. With GDPR there's a compelling business case for a service provider that acts as a clearing house for personally-identifiable data, so that, as a business, one would only ever deal with anonymized data, thus effectively outsourcing GDPR compliance.