Charter


Account Chooser & Open YOLO (You Only Login Once) Working Group

Name

Account Chooser & Open YOLO (You Only Login Once) Working Group

Background

The state of sign-in and sign-up user experience for most cloud-based services is very poor. The most common pattern is the NASCAR screen which offers a set of federated identity providers as login options along with email/password and sometimes phone number login.

This pattern has the following problems:

  • The number of identity providers is very small, limiting choice for the user and lowering incentives for many service providers to become identity providers.
  • Users often struggle to log back into an account they have already created because they can’t remember how they signed up (IDP, email/password, phone).
  • When users are asked to set a password, they often re-use the same password across many services (lowering their security) or they forget their password (requiring use of the account recovery flow).

The consequence of these problems is lower sign-in rate to services, mistakenly creating redundant accounts and stranding personal information in forgotten accounts, poor and frustrating user experience running through account recovery flows, lower security across the Internet and higher support costs for service providers to help locked out users.

OpenID Foundation’s Account Chooser Working Group made progress in offering a solution to increase IDP choice and enable disambiguation of the login method used for a specific service when given an identifier used for the account.

The Open YOLO working group will expand the Account Chooser Working Group’s mission to include mechanisms to integrate a user’s Credential Manager to streamline the sign-in and sign-up process and to serve native platforms and not just the web. A Credential Manager is a piece of software or service that stores the user identifier and credential (or login method like the user’s Identity Provider) used to access each of the user’s Internet accounts.

Statement of Purpose

The work group will produce specifications, open source software and an operational service to facilitate the sign-in and sign-up experience for users of Internet Services across major platforms.

Scope

The work group will create standardized:

  • Account Chooser API specification to provide assistance for users signing up for new services and to streamline sign-in for existing accounts that integrate with the accountchooser.com service or a user’s preferred Credential Manager.
  • Credential save and retrieve API specifications to integrate with a user’s preferred Credential Manager.

These APIs will be specified for any platform where the group deems it possible to create a good user experience.

The work group will also produce:

  • The accountchooser.com service. An implementation of the above Account Chooser API that is fully managed and hosted by the OpenID Foundation. The code for the service will be open sourced and operating procedures and governance policy for accountchooser.com site will be documented.
  • Open source JavaScript code implementing the Account Chooser that will integrate with accountchooser.com and supporting Credential Managers.
  • Open source JavaScript code implementing the Credential Save and Retrieve APIs that will integrate with supporting Credential Managers.
  • Platform specific code to enable application developers to utilize an account chooser, credential save and retrieve APIs that integrate with supporting Credential Managers.
  • A mechanism to save a user’s preferred Credential Manager on a per device basis.

Out of Scope

Specification or code for accountchooser.com to store users’ passwords or other credentials.

Specifications

  • Accountchooser API for JavaScript
  • Credential Save and Retrieve APIs for JavaScript
  • Accountchooser, Credential Save and Retrieve APIs for other platform as agreed on by the working group

Anticipated audience

Web site and application developers.

Language of business

English.

Method of work

Mailing list discussion. Posting of intermediate drafts in the OpenID Wiki. Virtual conferencing on an ad-hoc basis.

Basis for completion of the activity

  • Ratified JavaScript APIs and open source code providing developers easy means to integrate with the service.
  • accountchooser.com service which offers implementation of Accountchooser JavaScript API
  • Means for saving a user’s Credential Manager preference on JavaScript
  • Same as above for other platforms mutually agreed upon by the working group.

Proposers

  • Adam Dawes, Google
  • Iain McGinniss, Google
  • Naveen Agarwal, Google