One of the talks at the Future of Web Apps (FOWA) showed me a way to use OpenID that I hadn’t realize yet. Many people, when they think of OpenID, think of it as a way to log in a.k.a. authenticate themselves towards a system. Clearly you could give them anything you want as long as you give them the same OpenID every time you drop by.

Matt Biddulph from Dopplr though, showed some ways how OpenID could be used beyond authentication. Dopplr for example lets you add more than one OpenID account to your Dopplr account, which enables you to login to Dopplr with any OpenID provider. This becomes quite redundant when you add more than two OpenIDs, but Matt Biddulp showed that you can use people’s OpenID for more purposes besides authentication.

I already knew, you could use an OpenID to verify that a person is simply a member of a certain group of people. Much like you could use your student card to get discount at a cinema, an OpenID from your university would show that you are a student. Extending on this your national OpenID could prove your nationality, and your corporate OpenID could prove the company you work for.

Note that the actual identity of the user is not relevant and doesn’t really need to be checked as only the type of the OpenID is the important part. Even better, there is no extension like XRI needed to make this even work.

+

A second example though showed how OpenID+Microformats would be able to give any application a nice read-only API. Imagine that you have an app, and you would like to give your user a simple way to add their friends from their other networks. A simple way to do this would be to let the user provide the OpenIDs of some other networks. Checking with the OpenID server if this OpenID really belongs to that user would be enough for you to then simply fetch the Microformatted contact lists from their profile pages on those sites, and compare that info with your own list of users.

Many networks like Twitter and Jaiku already present their friend lists using Microformats, but they don’t yet provide their users with an OpenID login that would allow any other app to actually verify if user X on your application is actually user Y on that other site. Currently Dopplr just scrapes your Twitter profile page for friends when you give them a username, so you could give them any name you want, but if Twitter would become an OpenID provider than they could use this to check if you are really that person on that network.

[More brainstorming on combining Microformats and OpenID]