Frequently Asked Questions
- Why OpenAuth APIs ?
- Please refer to Overview Section
- Why not OpenID ? Why another proprietary protocol ?
- OpenID is an "open, decentralized, free framework for user-centric
digital identity". [http://openid.net/ ]
It uses URIs as the user's identifier and allows the user to securely
maintain their credentials at their trusted Identity Providers (which
they can run by themselves too). - OpenAuth does support OpenID 1.1 protocols. Every AOL user can use
their existing screenname as an AOL OpenID (http://openid.aol.com/<screenname>).
We are tracking the OpenID 2.0 standardization effort and plan to support
it after it becomes final. - With that said, although OpenID specification provides a light weight
authentication protocol to prove the ownership of the URI, which is
very well suitable for performing online actions like leaving notes
on people's profiles, leaving comments in blogs, contributing content,
voting and rating, etc.., it doesn't fit well in our Web Services Model
where a 3rd Party Web Site/Application has to invoke or access another
AOL Open Web Service on behalf of the users to access their content.
The OpenAuth APIs are designed to make it easy for 3rd Party Web Sites/Applications
to consume Identity based AOL Open Services. - We are working on building an OpenID extension to help in easier
integration with AOL Open Services using OpenID.
- OpenID is an "open, decentralized, free framework for user-centric
- Can I use your API to authenticate users who are not previously
registered with AOL or AIM ?- Yes, OpenAuth Login Page provides a Registration Link that can be
used by the end users to create a free AOL Account.
- Yes, OpenAuth Login Page provides a Registration Link that can be
- Can I also have other authentication systems on my site/application?
What kind of issues do I have to be aware of in a multiple authentication
system scenario?- Yes, you can use other authentication systems on your site/application
as long as you manage the user's accounts from different Authentication
Systems with a Name Space Identifier (Ex. AOL, Google, Yahoo, etc..)
to avoid account collisions. Ex. ChattingChuck@AOL
- Yes, you can use other authentication systems on your site/application
- Does this API entitle the AIM/AOL member to use all of the personalized
features/services they are used to -- mail, weather, buddy list, calendar,
etc.? Or only certain ones, and if so what are they?- Currently WebAIM is the only Service that supports Authentication
Tokens obtained via OpenAuth. We are working on providing APIs for
other AOL/AIM Services soon.
- Currently WebAIM is the only Service that supports Authentication
- Are there usage caps for this API? Any limitations?
- Yes, if the devId is used from the registered site, it would get
higher usage limits. If the devId is used from a site that's not registered
with the devId, it would get restricted usage limits. If you required
higher usage limits, we suggest you to register your own devId and
if you need further more usage limits, please contact us.
- Yes, if the devId is used from the registered site, it would get
- How can I use OpenAuth APIs from my Client Application ?
- You need a special devId setup inorder to use our non-browser apis.
Please contact us if you need one. We will provide you with more documentation
and a devId that enables you to use non-browser apis.
- You need a special devId setup inorder to use our non-browser apis.
- How secure is the API?
» Submitted by Developer Network on May 28, 2008 - 8:07am.