OpenID Explained

How do I log in with OpenID?

In a nutshell

  1. Enter your OpenID into a website. Your browser then sends you to your OpenID provider to log in.
  2. Log in with your username and password.
  3. Tell your provider that the original website can use your identity. You are then sent back to the original website.

If you're still confused, or want to see it in action, we found this video quite helpful:

A detailed explanation of logging in

  1. Let's say that you're visiting a new website that supports OpenID, you will see a form that looks like:

    a typical OpenID log-in form.  Look for the OpenID logo.

    Notice that with the OpenID log-in system you only have to type in one thing: your OpenID.

    Let's say that you are and that your OpenID is ; then you would type:

    The log-in form with the OpenID filled in.

    Click on the submit button to log in, and suddenly your browser takes you away from the website you are visiting and takes you to your provider's web site (in this case

    A picture with two browser windows.  One is where an OpenID is entered.  The other is, an OpenID provider.  An arrow from to connects them both. receives a message saying something like, "Some body claims to be ; is he actually and can he log into our website?"

  2. At this point, your provider checks to see if you are really , owner of . To prove you are, all you have to do is log in. If you're already logged in as at, then you have passed this step and move on to step 3 automatically. Otherwise, you submit your username and password for your OpenID account. This is your OpenID provider's way of making sure that you are really you.

  3. Now that you've proven that you really are Bob Smith to your provider, your provider wants to make sure that you want to log into the requesting website and that you are willing to share information with it. These days, websites usually just want your provider to verify that you own a particular OpenID, but some websites want to know other things, like your e-mail address, so that they don't have to bother you to get it. Your provider asks you which of this information you're willing to give out and which not. You usually also have the option of giving it out just this once or giving it out automatically whenever the website asks for it. That will look something like this:

    A typical OpenID approval form.  It shows the basic information that the user has already inputed and asks if the user wants to send this information to the requested site every time, this time or not now.

    All you have to do is choose how much information to give and whether to give it just once or whenever the website asks. Notice the "edit" link above the user information.

    (We usually send all the information the websites want and select "allow forever" so that we never have to be bothered with this stuff again.)

    Now, your provider sends you back to the website you were visiting and gives it the information you allowed. You are now logged in!