Back to News for Developers

Facebook Supports OpenID for Automatic Login

May 18, 2009ByLuke Shepard

In continuing with our efforts toward greater openness, we are excited to announce that Facebook is now an OpenID relying party. We've been engaging with the OpenID community for a while now. We'll be the largest relying party so far and look forward to contributing back to the community what we learned about how OpenID works with a complex and changing user base.

Over the past several months, we've taken a number of steps that help to build a scalable, secure, and sustainable framework, one that further defines what it means to be an OpenID relying party.

We believe openness and open standards foster a strong developer community with shared goals and interests. So, Facebook joined the OpenID Foundation Board in February of this year.

We've always believed that making the user experience as secure, lightweight, and intuitive as possible, which 200 million people can comfortably enjoy and understand, is one of our top priorities. In the spirit of helping craft a simple and safe login flow for OpenID, we hosted the OpenID User Experience Summit, where we shared lessons learned from developing the Facebook Connect authentication system.

We're also concerned with account security. Again, we shared our experience developing Facebook Connect, where we eventually came up with a design that ensures that users would know that they were providing their login credentials to Facebook, and not some unscrupulous site. We streamlined the OpenID login process while maintaining security, converting the full-page redirect to a pop-up. We worked with the community to develop this pop-up extension to standardize the more streamlined user experience.

We've always let our users express their real world connections. From the beginning, Facebook users could use their college and workplace identities to establish real world networks. Now, they can also use open standards to establish their identities on Facebook.

These are the first steps of many in working with the OpenID community.

Now, users can register for Facebook using their Gmail accounts. This is a quicker, more streamlined way for new users to register for the site, find their friends, and start exploring.

Existing and new users can now link their Facebook accounts with their Gmail accounts or with accounts from those OpenID providers that support automatic login. Once a user links his or her account with a Gmail address or an OpenID URL, logs in to that account, then goes to Facebook, that user will already be logged in to Facebook.

In tests we've run, we've noticed that first-time users who register on the site with OpenID are more likely to become active Facebook users. They get up and running after registering even faster than before, find their friends easily, and quickly engage on the site.

We welcome your feedback on the Developer Forum. And you can read the technical requirements on the Developer Wiki.

We'll keep working on the OpenID experience to make it even better for new and existing users. And we'll continue to work with the OpenID community and others on advancing openness on the Web.