Facebook's graph API

I spent a couple of hours last night playing with Facebook's Javascript graph API, trying to figure out how hard it would be to take advantage of Facebook as a remote authentication service.

Turns out it's pretty easy - way easier to get up and running with Facebook's stuff than with open standards like OAuth or OpenID. Which is of course a big problem for all the open solutions...

This qualifies as PageKite-related research, as one of the critical features of a privacy-centric personal web server, is being able to restrict access to things - and in order to restrict access, you usually need some way of knowing who your guests are.

Requiring people to sign up and go through some sort of e-mail verification process, for every single personal web site, is not a realistic solution. It is just too much work for everybody. However, delegating the question of "who is this person?" to other popular services, such as Facebook or Twitter or GMail may make plenty of sense.

That is made possible by OAuth, OpenID and of course Facebook's proprietary technology. And as it turns out, Facebook's stuff appears to be by far the easiest to work with...


That partially explains why it is so popular, anyway.

Tags: tech

Recent posts