– Continued from 7/13/09
The services offered by social networks and web mail platforms are in many cases built on top of technology standards. These standards include OpenID and OAuth.
OpenID is an open decentralized standard for user authentication and access control. Publishers who accept OpenID allow users to login with that consistent digital identity. Sites or companies that provide OpenIDs allow users to take their credentials from these sites and use them to login to other sites. Providers include AOL, Google, Microsoft, MySpace, Facebook, PayPal and Yahoo, among others. There are over 27,000 sites that accept credentials from OpenID providers for login and registration purposes.
Publishers integrating OAuth can authenticate users in a way similar way to that of OpenID. OAuth is different however, because it also gives publishers a session key that enables those publishers to access profile and social graph data.
Companies providing social technologies through their APIs adhere to these standards. The chart below outlines which standards these social APIs are using.
The Facebook platform and associated FBML (Facebook Markup Language) were built as a custom standard that functions in a similar way to a combination of Open ID and OAuth, but which does not actually use those standards and protocols.
IMPLEMENTATION CONSIDERATIONS AND CHALLENGES
There are 5 major challenges when implementing these social technologies. They include:
1. APIs lack universality: Each API has different integration requirements and different core features. For example, even though MySpace and Yahoo are OpenID providers, implementation for each is significantly different and requires new work for site developers. Publishers who want to integrate multiple social APIs may require additional expertise and resources.
2. Managing updates to APIs is time-consuming: API providers make changes frequently, requiring sites using these APIs to make updates to their code each time a new version is released.
3. New APIs continue to open up: As additional social networks and identity providers open up, sites who want to give users choice will need to integrate them. For example, Twitter and Yahoo made their APIs available in early 2009. Publishers who want to give users choice will need ongoing technical support to integrate and manage new APIs.
4. API providers do not offer dedicated support: API providers only offer self-service support. While there are several resources for developers on each social networking site’s developers’ wiki, there are no in-person support services available.
5. APIs can be integrated in different ways: There is no single right way to integrate the APIs. An initial integration could allow users to authenticate or login to their site using credentials from a social network. A secondary integration step might be to enable users to invite friends to the site, or update their status while on the site. In a deeper integration, sites could create activities like games, quizzes, polls, virtual chats or group viewing experiences. The results of these activities can be published in newsfeeds to drive traffic back to the site.
Next week: GIGYA SOCIALIZE