- 1 BrowserID Field Guide
- 1.1 Table of Contents
- 1.1.1 Intro
- 1.1.2 Integrating BrowserID with new web applications
- 1.1.3 Integrating BrowserID with existing web applications
- 1.1.4 Bootstrapping BrowserID
- 1.1.5 Status
- 1.1.6 Magnets, How Do They Work?
- 1.1.7 BrowserID Philosphy
- 1.1.8 Why Mozilla?
- 1.1.9 Integrating BrowserID for Identity Providers
- 1.1.10 Security
- 1.1.11 BrowserID for SysAdmins
- 1.1.12 Tools, Libraries, and other BrowserID components
- 1.2 What BrowserID looks like on your site
- 1.3 How work with your existing authentication system
- 1.4 How to move your users to BrowserID
- 1.5 How to promote BrowserID To your users
- 1.1 Table of Contents
BrowserID Field Guide
This series of wiki pages if for drafting this booklet. The terse reference will live on MDN and an easy to read HTML book will be hosted outside of the MDN wiki (details TBD in bug 690449).
We'll probably spin up a github repo for formatting the contents of the booklet.
Don't make long term links that point to this wiki.
Table of Contents
Who and Why
Describes key use cases and why BrowserID exists.
Big Sign-On Buttons
Explains how BrowserID is different than FB Connect, Sign-in with Twitter, etc (Ben's hotel analogy).
Integrating BrowserID with new web applications
Integrating BrowserID with existing web applications
Multiple Auth Flows
- Browserid.org launched
- 1M active daily users
- Native Browser Support
- Primary RP Support
Section to be updated as needed
Magnets, How Do They Work?
Details behind BrowserID service. Explaination of RP, P, etc.
Integrating BrowserID for Identity Providers
- Key revocation / timeout (called Security Details for now)
- Implementation details
BrowserID for SysAdmins
Tools, Libraries, and other BrowserID components
What BrowserID looks like on your site
How work with your existing authentication system
When signing in, there are different paths that users can take. These paths vary based on which authentication system the user used when registering for the site, and which method they are attempting to use to sign-in now:
It's up to you to implement a way to stitch accounts together when merging accounts. Note that this requires that the authentication backend provide a way to look up a single account given a unique email. If a user has multiple accounts linked to a single email, you need to resolve that with your users by some means.
How to move your users to BrowserID
One idea is a one-time notification that the site is exclusively moving to BrowserID as an authentication system in several months. Users can continue to login with passwords until then.
How to promote BrowserID To your users
If you're not sure what to tell your users about BrowserID, here is a brief description you can give your users:
MORE LIKE PAST-WORDS, AM I RIGHT?
- It's great
- No passwords