Integrating Open ID and also leveraging Microsoft HealthVault
I've seen several articles/questions regarding Open ID integration but I'm curious if I integrate this into my site and then try to integrate with Microsoft HealthVault which accepts live id or open id, how smooth that is or if there is a potential of multiple login actions (obviously undesired).
Ideally I would love to do something like, register for my site, if you would like to use Microsoft health vault to store health information, tether an account and subsequently you wouldn't have to do anything assuming you logged into your account within my site. Anyone have any idea if that is possible?
I've been working extensively with HealthVault over the past few months. I haven't been using OpenID at all, but I would think that it wouldn't make a difference to your application whether the user chooses to use OpenID or LiveID.
To integrate your application with HealthVault, you would provide a link to the "Auth" Shell Target that the user clicks on to logon to their HealthVault account. It looks something like this (see this page for more info):
After logging on, HealthVault will redirect the user back to your application, returning a "wctoken" parameter with it. Your application uses this token to access the user's HealthVault record.
I'm not sure what kind of integration you have in mind, but if you want users to be able to post and/or view information from their HealthVault account while they are visiting your site, and assuming HealthVault supports such a scenario, then they (should) support some kind of delegating authorization protocol such as OAuth or (more likely) Windows Live's proprietary version of OAuth. Anyway the fact that your site and/or HealthVault takes OpenID or Live ID shouldn't be any cause for a problem in that flow. Authorization should be independent of authentication.