As more Web sites begin to offer personalized services, the need for an easy-to-use authentication system has grown. Many sites are also incorporating services that are familiar to their users—for example, Windows Live™ services and controls. In light of these trends, many Web site operators and developers have expressed interest in incorporating Windows Live ID authentication into their sites. This software development kit (SDK) describes how you can use the Windows Live ID service.
With Windows Live ID Web Authentication version 1.1, you can use the Windows Live ID service to verify the identity of visitors to your site, so that you can offer personalized access to your site’s content by the millions of registered Windows Live ID users. Windows Live ID provides you with a unique, site-specific identifier for each Windows Live user who signs in to your site. Web Authentication also enables you to incorporate Windows Live controls into your site.
Included with this SDK are QuickStart sample applications that implement Web Authentication in ASP.NET, Java, Perl, PHP, Python, and Ruby programming languages. You can get the sample applications for this SDK from the Web Authentication download page on Microsoft.com.
Web Authentication works by sending your users to the Windows Live ID sign-in page by means of a specially formatted link. The service then directs them back to your Web site along with a unique, site-specific identifier that you can use to manage personalized content, assign user rights, and perform other tasks for the authenticated user. Sign-in and account management is performed by Windows Live ID, so you don't have to worry about implementing these details. Windows Live ID profile data is not shared with your site.
Implementation Overview
It's easy to start using the Windows Live ID service on your site. The following steps outline the six general tasks involved in implementing Web Authentication:
-
Register your application. For details, see Getting Your Application ID for Web Authentication.
 Note: |
|---|
|
You do not need to register to run the QuickStart samples, but you must register before you can extend the samples for use on your live Web site.
|
-
Install and run the QuickStart sample application for your platform. For details, see QuickStart Samples for Web Authentication.
-
Display the Sign in link on your page. For details, see Displaying the Sign-in Link.
-
Decrypt the token returned by Windows Live ID to obtain the user's unique identifier. In the sample application, the token is stored in a session cookie called "webauthtoken" to keep the user signed in to your site across multiple page views. For details, see Handling the Response from the Service.
-
Display or store content or personalized data and settings—for example, Windows Live controls—for your user, based on your site's security policies. For details, see Incorporating Windows Live Controls.
-
Sign the user out. For details, see Handling the Response from the Service.
Ready to begin? Move on to Getting Started with Web Authentication.
See Also