Emailtoid is fallback service for EAUT (Email Address to URL Transformation). At it's heart, it's just a mapping service - we take a GET request to our mapper ( eg, http://emailtoid.net/mapper?email=jane@example.com ) and return an HTTP redirect (a 302) to an OpenID. If the email address is not in our system, we create an OpenID account for the user on the fly. The user logs into the OpenID account by verifying his or her email address through a one time URL or confirmation code sent to that email address. The RP (relying party, the site that originally sent the request) then has the user returned to it.
EAUT is a specification for taking email addresses and mapping them to URLs.
To find the resulting ID from an email address, a XRDS discovery is made on the top level domain (eg, gmail.com). If the resulting XRDS document contains an EAUT mapper or email transformation template, use that. If there is no XRDS document, or if doesn't contain one of the two EAUT types, then you should probably use a fallback service - like emailtoid! You can make the same EAUT request on emailtoid.net and get a mapper URL to use so you'll always be assured of an OpenID. Emailtoid is a fallback service for the EAUT process.
Sites that implement Emailtoid get several advantages. One of the largest ones is that they only have to support OpenID - no more login mechanisms that require users to go through the same sign up process yet again. Sites could, of course, do this before Emailtoid came on the scene, but the difference here is that instead of asking for a URL identifier (which, let's face it, is an adoption hurdle) you can simply ask for an email address, which is a much more familiar identifier.
When a user submits an email address to login, perform EAUT discovery on it and then continue on with the OpenID flow as you normally would. No changes to your OpenID code is needed.
http://eaut.org/code/ has PHP, Python and Ruby libraries that you can look at. Or, you can use the emailtoid.net discovery JSON API - just send a GET request to http://emailtoid.net/discover/ with an email parameter and we'll do the full EAUT discovery process for you.
There are many resources out there to help you OpenID enable your site. The developers document is hosted on openid.net and contains many useful, tasty tidbits of information. You can also always stop by #OpenID on irc.freenode.net and ask questions.
Copyright © 2008 Vidoop. All rights reserved. Read our privacy policy.