Provide authentication with OpenID Connect
Since plain oauth for accessing the API is primarily for authorization, it would be great to be able to use ORCID as an authentication provider with an open standard as OpenID Connect. Users could then easily log into other research platforms using their ORCID account.
We are glad to let you know that this development is finished and ORCID now supports OpenID Connect. For more information you can refer to: https://github.com/ORCID/ORCID-Source/blob/master/orcid-web/ORCID_AUTH_WITH_OPENID_CONNECT.md
We will also be announcing this functionality in our blog soon: https://orcid.org/blog
For any other questions, please feel free to contact firstname.lastname@example.org
ORCID Community Team
Is this done yet?
Great, expecting a challenge for the OpenID on http://orcid.org/0000-0003-2016-4208 "soon", but not holding my breath: OpenID is acrually older than OAuth.
Markus Müller commented
thanks for any news
Any updates? Seems very useful!
raoul ciappelloni commented
I am really interested about OpenID integration; any news about it?
Paul Dlug commented
Is there any update on the status of this feature? It would be really helpful to have support for OpenID Connect. It would also enable the use of hosted identity services like AWS Cognito which support OpenID Connect (http://docs.aws.amazon.com/cognito/latest/developerguide/open-id.html).
Markus Ankenbrand commented
I would really like this feature, too. Is there any update on the status?
Graham Klyne commented
Yes please! I am working on an application I could use to test it with when available (currently works with Google+)
We don't have a firm plan or timeline for this project yet as the details are still being worked out. But I've moved the status up to started as we are working with OpenID and have started coding the integration. I'll update the status again when we are further along.
Robert Davey commented
Do you have a more up-to-date roadmap of this OpenID integration? We'd love to be able to map users properly to services rather than just Oauth2, especially for those services where we need to reliably ensure user data/metadata submission is coming from a particular ORCID-authenticated researcher, e.g. COPO (https://documentation.tgac.ac.uk/display/COPO/Overview).
Greg Jefferis commented
In terms of openid to log in to orcid and orcid as openid provider, for my group the interest is in obtaining an authenticated orcid. A sample use case would be a scientist wanting to contribute some information to a web database. By authenticating with orcid as openid provider, we would hope to ensure two things 1) user authentication to prevent spam etc 2) to identify the origin of contributions with the orcid as a globally unique user identifier with relevance to the academic community.
Maurice Vanderfeesten commented
Hi ORCID team, could you keep us informed as well? When is it planned in 2015?
We would love to authenticate users also with orcid for our data repository. https://data.3tu.nl/account/signin/
Richard Padley commented
Becoming an OpenID provider would definitely reduce friction for authentication uses. Gets my vote - and one day I might be able to login here with my ORCID ID instead of Facebook or Google !
Matthew Cockerill commented
not quite sure why this item is shown as Planned, but the converse (probably even more useful in the short-term at least) of being able to use FB/Google/Twitter to login to ORCID is currently showing as 'postponed' http://support.orcid.org/forums/175591-orcid-ideas-forum/suggestions/5010131-openid-login Worth linking the two items somehow, and aiming to keep their status in sync. Hopefully OpenID integration will be done in both directions, right?