

Google deprecates OpenID 2.0, moves to OpenID Connect - fintler
https://developers.google.com/accounts/docs/OpenID

======
timothya
Yes, it looks like Google is moving on from OpenID 2.0 to OpenID Connect,
which is the new standard [0]. It appears that OpenID 2.0 login will be kept
for compatibility, though [1].

Google+ Sign-In _is an implementation_ of OpenID Connect, with some nice
features built on top:

 _" Google+ Sign-In is built on the OAuth 2.0 and OpenID Connect protocols. It
supports over-the-air installs, social features, and a sign-in widget on top
of standardized OpenID Connect sign-in flows. Google+ Sign-In works for all
users with a Google account, whether or not they have upgraded to Google+."_
[2]

[0]: [http://openid.net/connect/](http://openid.net/connect/)

[1]: [https://developers.google.com/+/api/auth-
migration](https://developers.google.com/+/api/auth-migration)

[2]:
[https://developers.google.com/accounts/docs/OAuth2Login](https://developers.google.com/accounts/docs/OAuth2Login)

~~~
teekert
[http://en.wikipedia.org/wiki/Embrace,_extend_and_extinguish](http://en.wikipedia.org/wiki/Embrace,_extend_and_extinguish)
?

------
nknighthb
Ridiculously misleading title. Yes, OpenID 2.0 is being deprecated, yes they'd
like you to move to Google+ Sign-In, but you can also move to OpenID
Connect[0], which is a saner realization of OAuth 2.0 than OpenID 2.0 was.

And this is made clear right on the page linked to. There is no way anyone
acting in good faith could draw the conclusion that you're being required to
move to Google+ Sign-In.

[0] [http://openid.net/connect/](http://openid.net/connect/)

~~~
scrollaway
I hope the moderators can change the title to "moves to OpenID Connect". As it
stands, it's just linkbait to something that doesn't care about clicks.

~~~
nknighthb
It's a transparent attempt to cast Google in a negative light by pretending
they're requiring use of some proprietary API instead of an open standard, and
it's working beautifully (see top-level comment by seanp2k2 and thegenius's
reply).

~~~
fintler
Seriously? Google+ Sign-In is Google's implementation of OpenID Connect. The
only conspiracy that exists is the one in your head.

------
vlad003
It looks like the OpenID Foundation considers OpenID 2.0 obsolete and OpenID
Connect is the new thing:
[http://openid.net/developers/specs/](http://openid.net/developers/specs/)

------
roryokane
What does this mean for users like me who use Google’s OpenID as the backend
for OpenID delegation? Will I still be able to log in with
“[http://roryokane.com/”](http://roryokane.com/”) as my OpenID if I keep the
delegation tags at that address pointed to Google’s servers, or will I have to
switch to a different OpenID provider? This Google+ integration won’t work for
me, since none of the OpenID sites I am signed into even know that I have a
Google account; they just know my pre-delegation OpenID.

------
seanp2k2
After migrating an app from old OpenID to this, I think I'm done with
integrating Google services for a while.

~~~
thegenius
Yes. I've already taken that leap.

What they need to do instead of getting rid of stuff is instead supporting it
for a long time (10+ years) and just not putting any new features into it /
letting new people sign up.

Otherwise, they'll continue to lose developers' trust.

