Dec 04 2007

How to Get an OpenID and link it to your Blog URL

Published by at 3:29 pm under blogging

Following on from my look at Blogger’s new commenting system, I found some excellent information on how you can get an OpenID and link it to your Blog URL.

Why would you bother doing this? Well if you like to comment on blogs using the Blogger platform, you know that leaving your URL is no longer an option. If you don’t have a blogger profile the best you can do is leave a nickname.

Today I set up an OpenID at MyOpenID. I was expecting it to be a bit of a universal profile, but it isn’t (you can see my public profile here). So while this will let me comment on Blogger blogs, it doesn’t really provide an easy link to my blog.

I was then directed to a post by Sam Ruby called OpenID for Non-SuperUsers. I appreciate that it’s packed with great information, but I expect most novices would be sort of lost (hehe me included).

I then found a post by Jesse Peterson – Here is my ID, which was a bit more at my level. Combined with the help at MyOpenID, I was quickly able to add a bit of code to my blog header, which now allows me to use my URL http://blogpond.com.au as my OpenID URL.

The steps to do this are:

  1. Go to MyOpenID
  2. Follow the steps to set up an ID (edit: and create a Persona, complete with nickname)
  3. Insert the following code (obviously replacing “example” with your own ID url) into your header.php file (just before the </head>) for WordPress.org blogs. For blogger blogs, insert the code just after <head>.
  <link rel="openid.server"
        href="http://www.myopenid.com/server" />
  <link rel="openid.delegate"
        href="http://example.myopenid.com/" />
  <meta http-equiv="X-XRDS-Location"
        content="http://www.myopenid.com/xrds?username=example.myopenid.com" />


Update:
Kathy has pointed out that this code doesn’t work properly. Update 2 – this code now works (I fixed the problem).

Example in WordPress

Header Code

Example in Blogger

Blogger Template

WordPress.com blogs

These seem to come with their own ID, so you should just be able to put in your blog URL (i.e. sign in with your blog URL).

The next time you comment on a blogspot (or Blogger) blog that has upgraded to the new system, you enter your blog URL including the http:// and select “Any OpenID” and it will be verified, and include your blog URL in the link.


27 responses so far

27 Responses to “How to Get an OpenID and link it to your Blog URL”

  1. Gregon 04 Dec 2007 at 6:25 pm

    its strange they make it harder to comment on blogs – i would have thought that they would be making it easier, not harder to make comments.

    A useful guide though with your two posts so i have followed the instructions and will even try commenting on a blogger blog. Eventually :-)

  2. Kathyon 04 Dec 2007 at 11:25 pm

    Thanks for your help with this! I’m glad mine works now, but there’s still the issue of getting my readers to do the same. One problem is awareness. The average blog reader may not even know it’s possible. The other problem is actually going through the process. It takes time (albeit a few minutes) average readers may not want to invest.

  3. Mike Macgirvinon 05 Dec 2007 at 10:56 am

    Although tying an OpenID to your own weblog allows you to use your very own OpenID URL, it is not absolutely necessary. You can sign up with any OpenID provider today and use that URL for authentication on a growing number of websites/services.

    I for one was an early adopter of the OpenID framework and glad to see that it is approaching critical mass. In fact the only reason I have a blogger account is so that I can comment on Google blogs. I was ‘blogging’ before ‘blog’ software existed (and before people started calling it ‘blogging’) – and wrote my own software – don’t really need or want Google’s, WordPress, whatever.

    Of course having said that, OpenID has flaws. Anybody can be their own OpenID provider – which means that spammers can also create their own provider service and start spamming again, totally undeterred by moderation techniques – at least those which allow OpenID to pass through.

    In fact this is a reason not to use your own URL, as it will soon become necessary to create whitelists of OpenID providers that you feel you can trust and block/moderate comments from unknown or private URLs. It’s possible to track through the delegation chain to find out if it resolves to a trusted provider, but this takes work and bandwidth – and most folks trying to stop bad guys will just compare (and deny) the URL they were handed and not waste resources bouncing all over the net to go through the extra checks.

  4. Megon 05 Dec 2007 at 12:55 pm

    Hi Greg – glad you found it useful :)

    Kathy – yes awareness is going to be an issue. I guess if we all do our bit by posting about it, word will get out eventually. But it’s a real shame that we are kind of forced into it.

    Hi Mike – as I mentioned, I haven’t looked too much into OpenID. I am aware you can get an OpenID at a number of places.

    The problem (as I understand it) is that while you can authenticate yourself, it really doesn’t provide useful information to the blog owner. When someone comments here (particularly for the first time), I like to check out their blog. An OpenID is not necessarily a profile with an easy link to the commenter’s blog. Even using a Blogger profile is an extra step….

    While I’m using my blog URL, as I understand it, it’s still being authorised my MyOpenID (the OpenID provider), but the code that I’ve pasted says that my URL is verified as belonging to me.

    I don’t quite understand when you say “…this takes work and bandwidth – and most folks trying to stop bad guys will just compare (and deny) the URL they were handed and not waste resources bouncing all over the net to go through the extra checks.”

    I’m really just using this as a workaround for commenting on Blogger blogs – I would think that having a direct link to my blog would be less time intensive for blog owners, than trying to track down the owner of an OpenID.

    If I come across another application that requires an OpenID, I can still use the URL issued by MyOpenID.

    But perhaps I’m missing the “big picture”?

  5. Mike Macgirvinon 05 Dec 2007 at 2:43 pm

    The big picture is that with Google jumping onto OpenID, it will become a huge target for spammers. Up until now, it wasn’t worth the trouble for spammers to setup their own authentication service. But if all you need is an OpenID to post a comment on a million blogs and not have it moderated, literally anybody can create one. No email verification necessary, no accountability.

    I understand that it’s nice to have your blog URL visible in comments, and you’ve got a pretty clever solution. I’m just thinking ahead to when spam-through-openid becomes a problem (and it certainly will – only a matter of time). Your blogpond URL will probably get blocked from commenting at some point since it isn’t in any list of known and trusted openid providers.

  6. BabyFirstYearon 05 Dec 2007 at 4:59 pm

    many thanks Meg for the great info, i have do your Direction to my blogger site. and It’s Work to me. All the best

    Goonie

  7. Sueblimelyon 05 Dec 2007 at 6:39 pm

    I attached my blog URL to my OpenID but when using this ID to leave a comment on draft blogger the comment just links to the Open ID profile page with no information about my blog at all. I even set up my default profile as http://www.sueblimely.com but this does not show up. As you say Meg this does not provide an easy way of directing people to your blog.

    I have set up an affiliate link (I use myOpenID) as my provider and when approved I will be able to check to see if that puts info on my OpenID profile about my blog.

    Meg, just linking your blog to your OpenID with an openID provider, such as myOpenId.com, is different to using your site itself as the OpenID – i.e. becoming your own OpenID provider. This is what Mike was referring to when he talked about spamming and bandwidth use. Am I correct Mike?

  8. Megon 05 Dec 2007 at 7:08 pm

    Mike, I think I get what you’re saying, but can’t bloggers still opt to moderate all comments? And isn’t my URL just the interface for my (presumably trustworthy) MyOpenID?

    Goonie, glad it was useful for you :)

    Sue – Yes, it’s all a bit convoluted. That’s why I found the easiest solution was to create a MyOpenID, add the code from MyOpenID to my blog, that way I can leave the blog URL as my ID when commenting on draft blogger bogs. I still need to sign in (if I’ve been signed out) to validate that I am who I am. This is done via MyOpenID. With regards to what you’ve said about using my blog url vs being an OpenID provider – that’s the way I understand it. But, hey, I’m certainly no expert on OpenID.

  9. Willon 06 Dec 2007 at 1:14 am

    OpenID is a cool concept – I’d really love to use my blog URL as an internet-wide login with single (secure) account. However there are a few issues, not the least of which is pure difficulty setting it up.

    Even for a geek like me, setting up my own OpenID Provider (since I don’t want to rely on some 3rd party site for my global authentication) is just a bit too much effort for very little reward.

    It still doesn’t solve the whole spam bot thing (Well, it will – but only until someone implements a handy-dandy OpenID aware spambot that uses Blogger / whomever accounts.

    One of the main detractors from the OpenID concept, is (as I understand it) the lack of protection against spoofing. Basically, if someone can convince you to use your OpenID on their site, they can capture your login details if they’re sufficiently clever about it.

    Perhaps OpenID for the identification and CardSpace for the authentication might be a good approach (I doubt I’m the first to think of it).
    Unfortunately, CardSpace is even less well known (despite there being a good chance of you already having it installed, if you’re using Windows XP SP2 or Vista).

    Oh, look, here I am – commenting on your blog after 1am :)

    Excuse the ramblings :)

  10. Willon 06 Dec 2007 at 7:22 am

    Thanks for this info. I’ll try it and see how I like it. I comment on a few Blogger sites regularly and really don’t like this power grab by Google! I wrote about it here. The article got stumbled and lots of readers so hopefully Google is now hearing from us about what a terrible move it was on their part.

    http://willtaft.com/blogging/google-drops-bomb-on-blogspot-blogger-blogs/

    -Will

  11. Sueblimelyon 06 Dec 2007 at 7:41 am

    I did it! My mistake was that I was still using my OpenID address to login, rather than my blog address. Once I used my blog address (which I had linked to my OpenID using the code you give) my name in comments linked directly to my blog.

    I have also discovered that ClaimID allows you to create a reasonably comprehensive profile. You can check mine out if you wish http://sueblimely.claimid.com I will be adding other sites to it such as Bumpzee etc so people can find me all over the place :-)

  12. Willon 06 Dec 2007 at 7:44 am

    Well, this method does not work for me. When I tried to comment on a blogger blog, it did go through to openid and asked me to allow the request, which I did. However I then get the Blogger error listed below.

    We’re sorry, but we were unable to complete your request.

    When reporting this error to Blogger Support or on the Blogger Help Group, please:

    * Describe what you were doing when you got this error.
    * Provide the following error code and additional information.

    bX-yxh888
    Additional information
    host: http://www.blogger.com
    uri: /comment.do

    It could be that Blogger is now blocking this type of request. More likely it is because my Theme’s WordPress header.php file does not seem to follow the standard. For example there is no or in my header.php file.

    -Will

  13. Willon 06 Dec 2007 at 7:51 am

    The last comment stripped this out for some reason. There is no header or /header in my header.php file.

  14. Megon 06 Dec 2007 at 10:28 am

    Hi Will

    I think you are right – I’m getting an error, so it looks like Google have put a halt to this.

  15. Megon 06 Dec 2007 at 10:35 am

    I can even comment with my “myopenid” url!

  16. Megon 06 Dec 2007 at 12:55 pm

    Sue

    I think your claimID profile is http://claimid.com/sueblimely

  17. […] a few bloggers (me included) whack up posts – “Come and get yer OpenID – Delegate yer […]

  18. […] Thanks to Meg for “Dipping into her Blogpond” and putting me onto this coding in How to Get an OpenID and link it to your Blog URL […]

  19. Blog Blokeon 07 Dec 2007 at 7:02 pm

    Using OpenID defaults to my Blogger profile so there’s no way to include a top domain URL from what I can see. So a user will get no pagerank value. Pretty much useless as far as I’m concerned. WordPress here I come.

    Thanks for the link by the way. Cheers!

    …BB

  20. Megon 07 Dec 2007 at 7:07 pm

    Blog Bloke

    Are you sure? I do have a blogger profile (not that I use it). Make sure you are on a blog that uses the new commenting. Select “any openID”, type in the blog URL (including the http://) and submit.

    Mind you I can recommend WordPress ๐Ÿ˜‰

  21. Megon 07 Dec 2007 at 7:35 pm

    BB – I just left a comment on your blog, suggesting you check the code you put in, I see two http:// in your myopenid URL.

  22. A.on 10 Dec 2007 at 8:15 am

    With Blogger I have added the lines above but if I use my blogspot address to make a comment on my own blog, it opens my myOpenID identity page. If I use the myOpenID url, the comment is saved but goes to my Blogger profile page as before.

    Am I doing something wrong, or has Blogger done something to stop it?

  23. Megon 10 Dec 2007 at 8:41 am

    Hi A.

    I had a look at your code and you’ve got your ID twice. The first line should include “http://www.myopenid.com/server” not your “MyOpenId” URL.

    Give that a try.

  24. A.on 10 Dec 2007 at 8:58 am

    Many thanks for that. I was cross-eyed looking at the code. It works beautifully now!

  25. Megon 10 Dec 2007 at 9:00 am

    Oh good, thanks for letting me know ๐Ÿ˜€

  26. Shantanuon 14 Dec 2007 at 6:33 pm

    Thanks, Meg! That was very helpful. Works perfectly for me now.

    Shantanu’s last blog post..Unlimited Kababs To Heaven

  27. Janineon 17 Jan 2008 at 3:31 pm

    Thanks for that, it’s such a fuss they restrict comments. Tsk.

    Janine’s last blog post..“Jealousy is invariably a symptom of neurotic insecurity.รขโ‚ฌย