...
| Identity Provideer | Architectural Approach / Protocol | Comments | |||
|---|---|---|---|---|---|
| OpenID, OAuth 2.0 | Synapse currently uses OpenID to authenticate with Google. | ||||
OAuth https://developers.facebook.com/docs/reference/dialogs/oauth/ | |||||
| AOL | OAuth | ||||
| Yahoo | OpenID, OAuth, and OpenID-OAuth Hybrid | ||||
| Flickr | Home grown: | The authentication service is similar to that which we have recently added to the portal. Flickr's approach suggests security improvements, e.g. requiring the relying party to use an API key to identify itself. | |||
| Blogger (Google) | OAuth 2.0 https://developers.google.com/blogger/docs/2.0/developers_guide_protocol#Authorizing |
It seems like the consensus is that OAuth is the way to go.