Topic Centers

Frequently Asked Questions

  • Why OpenAuth APIs ?
  • Why not OpenID ? Why another proprietary protocol ?
    • OpenID is an "open, decentralized, free framework for user-centric digital identity". [http://openid.net/ ] It uses URIs as the user's identifier and allows the user to securely maintain their credentials at their trusted Identity Providers (which they can run by themselves too).
    • OpenAuth does support OpenID 1.1 protocols. Every AOL user can use their existing screenname as an AOL OpenID (http://openid.aol.com/<screenname>). We are tracking the OpenID 2.0 standardization effort and plan to support it after it becomes final.
    • With that said, although OpenID specification provides a light weight authentication protocol to prove the ownership of the URI, which is very well suitable for performing online actions like leaving notes on people's profiles, leaving comments in blogs, contributing content, voting and rating, etc.., it doesn't fit well in our Web Services Model where a 3rd Party Web Site/Application has to invoke or access another AOL Open Web Service on behalf of the users to access their content. The OpenAuth APIs are designed to make it easy for 3rd Party Web Sites/Applications to consume Identity based AOL Open Services.
    • We are working on building an OpenID extension to help in easier integration with AOL Open Services using OpenID.
  • Can I use your API to authenticate users who are not previously registered with AOL or AIM ?
    • Yes, OpenAuth Login Page provides a Registration Link that can be used by the end users to create a free AOL Account.
  • Can I also have other authentication systems on my site/application? What kind of issues do I have to be aware of in a multiple authentication system scenario?
    • Yes, you can use other authentication systems on your site/application as long as you manage the user's accounts from different Authentication Systems with a Name Space Identifier (Ex. AOL, Google, Yahoo, etc..) to avoid account collisions. Ex. ChattingChuck@AOL
  • Does this API entitle the AIM/AOL member to use all of the personalized features/services they are used to -- mail, weather, buddy list, calendar, etc.? Or only certain ones, and if so what are they?
    • Currently WebAIM is the only Service that supports Authentication Tokens obtained via OpenAuth. We are working on providing APIs for other AOL/AIM Services soon.
  • Are there usage caps for this API? Any limitations?
    • Yes, if the devId is used from the registered site, it would get higher usage limits. If the devId is used from a site that's not registered with the devId, it would get restricted usage limits. If you required higher usage limits, we suggest you to register your own devId and if you need further more usage limits, please contact us.
  • How can I use OpenAuth APIs from my Client Application ?
    • You need a special devId setup inorder to use our non-browser apis. Please contact us if you need one. We will provide you with more documentation and a devId that enables you to use non-browser apis.
  • How secure is the API?
‹ status 330 with getToken getInfo API - does not wok for IE7 ›
Submitted by alavillipraveen on April 16, 2007 - 1:30pm.

 

Login | AOL.com | About Us | Site Map | Help
Contact Us | AOL Terms of Service | AOL Privacy Policy
© 2008 AOL LLC. All Rights Reserved.