- The Musings of Chris Samuel - https://www.csamuel.org -

OpenID Delegation To WordPress.com

Posted By Chris Samuel On In Internet,Security,Wordpress | Comments Disabled

Now that WordPress.com [1] blogs include an OpenID server [2] for free and most WordPress users have an account there as they need it for Akismet to work, it turns out they can use it as the invisible back end to authenticate via their own WordPress blogs (hosted elsewhere) using the concept of delegation [3].

I thought it would be interesting to try and get OpenID delegation going on this blog as a proof of concept, and because I’m tired of commenting on Tim Connors blog [4] as anonymous. 🙂

Now whilst OpenID delegation requires nothing more than a couple of lines of HTML, on a site that is dynamically generated like a blog you need a bit of code to add that into the front page, otherwise it’s not going to work. With WordPress that is done via plugins and casting around I found Eran Sandler’s OpenID Delegate plugin [5] which I took for a spin.

It’s easy to install, a single PHP file in your wp-content/plugins directory, and then an OpenID Delegation item appears in your Option menu. Clicking on that and you will see three cryptically named options:

Initially I tried setting http://????.wordpress.com/ for each field (where ???? is the name of my blog at WordPress.com) and that almost, but not quite, seemed to work according to the OpenID validator [6]. It took me a while to figure out what was needed, but from this forum thread [7] I found a clue [8] that I’d missed a necessary option on the OpenID Server URL.

So, what got it to work for me (and presumably will for you too) is:

The proof that it works ?

A successful comment [9] on Tim’s Live Journal using my blog as the OpenID server. That’s enough to make me happy..

Related Posts