OpenAuth

General Overview

The AOL Open Authentication API (OpenAuth) empowers third-party web sites and applications to authenticate AOL and AIM users through their Web Sites/Applications. An AIM or AOL-registered user can now log into a third-party Web Site/Application and seamlessly access AOL services or new services built on top of AOL services. (read more...)

Features

The AOL Open Authentication API (OpenAuth) can be used by a Web Site/Application to

• use AOL's Identity based Open Services (ex. Web AIM)
• provide personalized services (using AOL Services or not) to millions of AOL/AIM Users

To the end users, the AOL OpenAuth API provides

• Secure way to SignIn
  • User's credentials are never exposed to the Web Sites/Applications the user is Signing into
• Secure way to control which Sites are allowed to read their private/protected content
  • Permissions are not granted automatically (unless they select "Allow Always" on the Consent Page)
  • User is asked for consent whenever the Web Site/Application tries to read any private/protected content
  • Ex. separate consent requests to allow BuddyList Info, to send IM, to read albums, etc..
• Access to other non AOL web sites without the need to create a new user account at each of them that support AOL OpenAuth APIs.

As a developer you would be able to build great Web Applications in less time without worry about maintaining your own Identity Management Systems.

Click here for more

The Latest

Interested in learning more about OpenID? We have several articles on the subject:

• A Primer for OpenID with PHP
• Securing the Blogosphere Through OpenID: An Introduction
• OpenID and the Value of Connected Identity

Click here for more

Sample Code

• Integrating OpenAuth into Your PHP Application [Download PDF]

• Integrating OpenAuth into Your Rails Application [Download PDF]

• Integrating OpenAuth into Your ASP.NET Application [Download PDF]

• Integrating OpenAuth into Your Java Application [Download PDF]

Click here for more

AOL Open Authentication API Usage Rules

You may use the AOL Open Authentication API solely for purposes of authenticating end users of your Developer Product(s) subject to the following usage rules:

1. You must comply with the AOL Developers Network Agreement and Terms of Service.
2. You must register any Developer Product for which you wish to use the AOL Open Authentication Services. Following your registration, AOL will issue you a Developer ID and/or confirm the application of your pre-existing Developer ID to these AOL Open Authentication Services.
3. The AOL Open Authentication API will prompt an end user to log into the end user’s AOL or AIM screen name (“Screen Name”) or ONS name account (the “AOL Account”) for authentication purposes and may display certain security warnings. You shall not interfere with the end user’s receipt or submission of any information to AOL. Further you may not block or disable any host-based setting residing on any AOL Service, or otherwise modify any user preference setting in a manner not explicitly authorized by an end user.
4. If the end user logs in successfully to its AOL Account, AOL will supply an authentication token confirming the end user’s registered identity with AOL. You agree and acknowledge that (a) the authentication token confirms that the user is a user in good standing with AOL as of the exact date and time the authentication token is issued; (b) AOL has relied upon information supplied by the end user, and in no event shall AOL be liable to you or any third party for claims or liabilities arising out of information supplied by or omitted by the end user.
5. You shall not store or duplicate the authentication token, or use it for any purpose other than verifying such end user’s identity. You may not access any data, information or settings with the end user’s AOL Account, unless such access has been expressly authorized both by Your registration and use of separate API authorized by AOL to access a particular service, and by a clear, express consent obtained from each end user. At all times, You shall use the token and data accessed solely in accordance with the terms and conditions of the AOL service supplying the data.
6. You must promptly report to AOL any security deficiencies in or intrusions to Your Developer Product. You shall work with AOL to correct immediately any security deficiency, and will disconnect immediately any intrusions or intruder.
7. You may not invoke an API call or request more than 10,000 authentication tokens per day or 150,000 per month.
8. You agree and acknowledge that all Screen Names shall remain the property of AOL. The issuance and the use of each Screen Name shall be subject to, and enforceable by AOL under, the applicable AOL terms of service that govern such Screen Name. You shall not provide any Screen Names to any third party, for any purpose other than the rights granted to you. You may disclose Screen Name information solely as necessary to comply with applicable laws, rules, regulations or judicial order/s, provided, however, that you provides us with as much advance written notice of your intended use or disclosure as is reasonably practicable, the content of the disclosure, the reasons that such disclosure is required by law and the time and place that the disclosure will be made and further provided that you reasonably works with us to redact mutually agreed upon portions of information related to the Screen Name to the fullest extent permitted under applicable laws, rules or regulations. We shall be entitled to seek injunctive relief such as specific performance in the event you fail to comply with the provisions of this Section 8.
9. If you wish to commercialize your use of the AOL Open Authentication API or exceed the limitations herein, please contact AOL at http://dev.aol.com/contact to discuss.