Identity/BrowserID/FieldGuide

From MozillaWiki
Jump to: navigation, search

BrowserID Field Guide

This series of wiki pages if for drafting this booklet. The terse reference will live on MDN and an easy to read HTML book will be hosted outside of the MDN wiki (details TBD in bug 690449).

We'll probably spin up a github repo for formatting the contents of the booklet.

Don't make long term links that point to this wiki.

Table of Contents

Intro

Who and Why

Describes key use cases and why BrowserID exists.

Big Sign-On Buttons

Explains how BrowserID is different than FB Connect, Sign-in with Twitter, etc (Ben's hotel analogy).

Integrating BrowserID with new web applications

Getting Started

https://docs.google.com/document/d/17xkc9kVcbWWzPauSI1uPnmdEbl0HFxndCN9KT8lJrd4/edit?hl=en_US

Integrating BrowserID with existing web applications

Multiple Auth Flows

http://cl.ly/2b0F0c102O2B3d463X3O

Ninja Techniques

https://docs.google.com/document/d/1UcVjHa-zFd3gUtMAnb2rQwgwdJrzSkZnizxB1AieZpk/edit?hl=en_US

Bootstrapping BrowserID

https://docs.google.com/document/d/1w_OEOX3myZeErBDFoyxmwfAASLIlbyTAHoQU7sM8Fw8/edit?hl=en_US

Sidebar: What is a JavaScript Polyfill?

Status

History

Milestones

  • Browserid.org launched
  • 1M active daily users
  • Native Browser Support
  • Primary RP Support

Section to be updated as needed

Magnets, How Do They Work?

Details behind BrowserID service. Explaination of RP, P, etc.


BrowserID Philosphy

Why Email Addresses

Why Mozilla?

Why Mozilla

Integrating BrowserID for Identity Providers

Security

BrowserID for SysAdmins

BrowserID for SysAdmins

Tools, Libraries, and other BrowserID components

  • django-browserid

What BrowserID looks like on your site

[UI Mockups]

How work with your existing authentication system

When signing in, there are different paths that users can take. These paths vary based on which authentication system the user used when registering for the site, and which method they are attempting to use to sign-in now:

Migration Chart

It's up to you to implement a way to stitch accounts together when merging accounts. Note that this requires that the authentication backend provide a way to look up a single account given a unique email. If a user has multiple accounts linked to a single email, you need to resolve that with your users by some means.

How to move your users to BrowserID

One idea is a one-time notification that the site is exclusively moving to BrowserID as an authentication system in several months. Users can continue to login with passwords until then.

How to promote BrowserID To your users

If you're not sure what to tell your users about BrowserID, here is a brief description you can give your users:

MORE LIKE PAST-WORDS, AM I RIGHT?

  • It's great
  • No passwords