Building Personalized Applications on the Windows Live ID Platform Do you have a cool personalized application that you want to offer to over 400 million users? Do you want to light it up with Live controls or create a mashup with Live resources? Windows Live ID now offers a simple way for third parties to get Live ID authentication in your Web or rich client applications, letting you reach millions of Live ID users, integrate with Live Controls, and access Live services. Windows Live ID supports more than 400 million active users, performing over a billion authentications per day, with a consistent availability of over 99.9%. This foundation service is also available to third-party developers, allowing them to build identity-aware Web and rich client applications using Windows Live services, user data, and social relationships. | " |
Include Windows Live controls in your Web application to seamlessly combine these features with your innovation.
| " |
This article focuses on the Windows Live ID Web and client authentication and explains how you can use it in your application. What is Windows Live ID? Windows Live ID is the identity and authentication platform for all Microsoft online services, such as Windows Live, Xbox Live, Office Live, etc. Many third-party sites also use Live ID authentication. Formerly known as Microsoft Passport, the service was rebranded to reflect the Windows Live brand, as well as new scenarios and features developed to support Windows Live. To a user, Live ID is their identity on various Microsoft online services. It is what they use to send/receive e-mail, chat on messenger, or set up a new Office Live account-so they use it anywhere they see the Live ID logo. Windows Live ID provides single sign-on between all Live ID-enabled services, so once the user is logged in at one of these sites or rich applications, they are seamlessly signed into other Windows Live sites as well. For example, the user can open Live Mail or Windows Live Spaces from Windows Live Messenger without the need to provide their credentials again. Also, a user gets a consistent experience across Microsoft online sites, since all these sites have access to the user’s profile. Windows Live ID authenticates users using credentials such as user name and password, or Cardspace information cards, which provide higher security against phishing. The Live ID service supports a variety of authentication protocols, including WS-*, which allows federated users of Windows Live federation partners to use Windows Live and other Live ID-enabled services. Live ID supports a variety of browsers and Windows PCs, as well as phones, MSN TV, and XBox. Windows Live ID Web Authentication Windows Live ID Web Authentication helps you build identity-aware Web applications. It is a service that allows you to: - Verify the identity of visitors to your site.
- Offer personalized access to your site’s content to millions of Live ID users, who don’t need to create yet another identity.
- Provide single sign-on from your application to Windows Live services.
- Seamlessly integrate the advanced, and useful, functionality of Windows Live controls in a non-programmatic way.
- Access user’s Windows Live data with their explicit consent.
Why Does Your Web Application Need Live ID? Wondering what kind of cool functionality Live ID can help you deliver? The Party Planner
You have a Web application that helps users host that perfect party. With the user’s explicit consent, you get access to their Live Calendar and add tasks to help them get everything done well in time for the big day. Discovering the Lonely Planet
You have a mashup Web application that helps users with their travel plans. Your site is a repository of information on cool locations all over the world. You help users from picking their vacation spot to booking their flights, hotels, and attractions to sharing memories from their holiday with their friends. You incorporate the Live Contacts Control, letting the user choose what contact information they want to share with your site. The user then shares vacation plans or even plans a vacation with selected contacts. You incorporate the Live Spaces Photo Control and let users upload photos from their vacation from their Live space. By using Windows Live ID, the user will be automatically authenticated by these rich controls. The Web Authentication Flow Figure 1 shows the Web authentication flow: 
Figure 1: The Web Authentication flow.- User visits your Web site.
- Your site displays a sign-in link in an IFRAME element.
- User clicks the sign-in link.
- Windows Live ID returns the sign-in page.
- User enters their Windows Live ID credentials on the sign-in page and submits the form.
- Windows Live ID validates the user’s credentials.
- Windows Live ID authentication server redirects the user to your site along with an authentication token as a form post parameter. This token is proof that Windows Live ID has verified the user’s identity. Your site can decrypt this token to obtain the user’s unique site-specific identifier.
- Your site uses the user’s site-specific unique identifier to store or display protected or personalized content. You also incorporate the Live Contacts Control and Live Spaces Photo Controls into your site.
| & | | 
By: Vaishali De
Vaishali De has been a Program Manager on the Windows Live ID team since she graduated from the University of Illinois at Urbana-Champaign in 2004. She has worked on a smorgasbord of features including profile management, rename, device authentication, and service provisioning.
Apart from writing killer specs, she loves fattening up her colleagues with home-baked goodies. With a wide range of interests outside work, her office reflects her colorful personality-it is famous on the Lakeridge campus for its wall “art.”
Vaishali.De@microsoft.com | Fast Facts | | Windows Live ID offers a simple way for you to get Live ID authentication in your Web or rich client applications, letting you tap into over 400 million Live ID users. | |
|