Since its establishment in 2010, the mojeID service was closely connected with the OpenID 2.0 authentication protocol. This protocol was the best choice for us at the time, as it combined the implementation simplicity with availability of libraries for various programming languages. However, OpenID 2.0 is not the only authentication protocol. I wrote in our blog (only in Czech) about several others, like the SAML protocol or OpenID Connect. Especially for the latter one, OpenID Connect, standardization of which was finished at the beginning of last year, analysts forecast a promising future. The good news is that mojeID is no longer “monolingual”, it is now able to communicate with service providers via the mentioned protocols.
First, I will mention the SAML 2.0 protocol, which has been present in mojeID for a few months. This protocol will probably never be very widespread among new service providers, but it allows you to connect the existing systems, which are historically based on it. For us, the primary motivation was cooperation in the European projects STORK and eIDAS, where the emerging software uses only the SAML protocol. The secondary motivation was working with the CESNET organization that operates the Czech academic identity federation eduID. Closer involvement in eduID would, for example, simplify implementation of mojeID in libraries and bring the service closer to the academic environment. Currently, communication with mojeID via the SAML protocol requires manual registration of a service provider, so if you are interested in such an interconnection, please contact us at email@example.com and we will go through the registration process together.
Google’s reaction to the new protocol was fairly rapid and tough at the same time. Since mid-April of this year, Google stopped supporting all older versions of OAuth and OpenID in favor of the new protocol. We, on the other hand, set no strict migration terms for our providers just yet. First let’s see how the new protocol takes hold. So if this is the moment you were waiting for to implement mojeID on your website, then you do not have to wait anymore and go for it :).