Today, Microsoft released the Windows Live ID Web Authentication service to the world for public consumption.
The Windows Live ID service is an evolution of the familiar Microsoft Passport system. Over the last few years, Microsoft have been extending the Microsoft Passport system to cater for the constant change and evolution of authentication requirements on the internet.
With the first public release of the Live ID web authentication service, Microsoft have updated all of their documentation and are also providing an SDK for the Live ID services. For the convenience of the developers around the world and to increase the adoption rate, Microsoft have graciously provided implementations for the Live ID web authentication product in .NET, Java, Perl, PHP, Python and Ruby.
Everything I’ve read so far on it makes me think that the new web authentication service from Microsoft might gain some traction; however I think there is a sore point that makes the service less desirable. From a user experience point of view, users expect that when they login to a web site that they are not redirected away from it. The Windows Live ID web authentication service requires that you place an
iframe on your site which the actual authentication takes place in; less than perfect. I personally think that it would have been a much nicer product release if they allowed users to authenticate against it using pure web service or remote calls; no
iframe and dodgy browser redirection. Unfortunately, I however sympathise with the pressures that Microsoft are under to guarantee that their users privacy is protected and allowing pure web service authentication does compromise that point some what.
If you’re interested: