Last updated April 11, 2014. Created by ugerhard on February 13, 2008.
Edited by kyberuserid, Xano, batigolix, LeeHunter. Log in to edit this page.

The OpenID module adds a feature to the User login block and displays a new link allowing a user to sign in using OpenID. The new OpenID link is located below the user/password field, and can be enabled by navigating to Administer > Site building > Modules (in Drupal 7: Administer > Modules), and selecting the checkbox next to the OpenID module.

OpenID is a secure method for logging into many websites with a single username and password. It does not require special software, and it does not share passwords with any site to which it is associated; including your site.

Users can create Drupal accounts using their OpenID. This lowers the barrier to registration, which is good for the site, and offers convenience and security to the users. OpenID is not a trust system, so email verification is still necessary. The benefit stems from the fact that users can have a single password that they can use on many websites. This means they can easily update their single password from a centralized location, rather than having to change dozens of passwords individually.

Note: If OpenID is enabled on a Drupal installation with an existing user base, those users need to assign one or more OpenIDs to their account before they can log in using an OpenID. This is accomplished by each user editing their OpenID identity under their user profile. Attempting to login with an OpenID that is not yet linked can easily lead to the creation of a new user if error messages aren't read or understood - and can be confusing to existing users.

Concept Overview

The basic concept is as follows: A user has an account on an OpenID server. This account provides them with a unique URL (such as myusername.openidprovider.com). When the user comes to your site, they are presented with the option of entering this URL. Your site then communicates with the OpenID server, asking it to verify the identity of the user. If the user is logged into their OpenID server, the server communicates back to your site, verifying the user. If they are not logged in, the OpenID server will ask the user for their password. At no point does your site record, or need to record the user's password.

More information on OpenID is available at OpenID.net

Looking for support? Visit the Drupal.org forums, or join #drupal-support in IRC.

Comments

I tried using it, but I can't register directly with my OpenID login. First, I have to create a regular account and link it later to my OpenID.
In case this is the correct way (i.e. assuming that I didn't overlooked something), I think that stating this somewhere would be a usueful addition.

Agree. the main idea is to use single password and login for many sites but when registering as a new user, you DO have to provide some non-openid password and only after new user has been created, you're able to use the OpenID identity.

When trying to register new account using Google open id (actually your email), Drupal 6 generates errors. It seems like embeded module has not too good support of openid.

You cannot use your email address as an OpenID. A valid OpenID url for Google profiles is https://profiles.google.com/[USERNAME] . This doesn't work with Google Apps for Domains.

To file a bug report against the core Drupal OpenID module, first search http://drupal.org/project/issues/drupal and if your bug is not already reported create a new issue with openid.module as the component.

benjamin, Agaric