The Windows Live ID Service is the identity and authentication mechanism provided by Windows Live. Currently there are over 380,000,000 users that have Windows Live ID credentials.
Mentioned during a session at the recent MixUK, the Windows Live ID Web Authentication 1.0 SDK provides an easy-to-use authentication system that allows that allows the Windows Live ID service to verify the identity of visitors to a Web site. One advantage of this approach is that a user doesn't have to use separate login mechanisms for each site that they visit.
Windows Live ID provides you with a unique, site-specific identifier for each Windows Live user who signs in to your site. Web Authentication also enables you to incorporate Windows Live controls into your site.
Web Authentication works by sending your users to the Windows Live ID sign-in page by means of a specially formatted link. The service then directs them back to your Web site along with a unique, site-specific identifier that you can use to manage personalized content, assign user rights, and perform other tasks for the authenticated user.
Sign-in and account management is performed by Windows Live ID, so you don't have to worry about implementing these details. Windows Live ID profile data is not shared with your site.
Full details about the Windows Live ID SDK is available from the Microsoft MSDN web-site at:
In general, the tasks required when implementing Web Authentication include:
- Register the application
- Display the Sign In link on the web-page
- Decrypt the token returned by Window Live ID to obtain the users unique identifier
- Manage personalized content and settings for your user, based on the site's security policies
- Sign the user out
The best place to start is by obtaining one of the sample applications which are provided in a number of different languages including:
- ASP.NET (c#)
These samples can be obtained from:
and here's the python sample in action
In addition to making sure I had the correct version of python (2.5) installed on my server !! I found it necessary to install the Python Cryptography Toolkit which I obtained from
To implement Windows Live ID, you must register your Web site with Microsoft® as an application and receive an application ID for use with the service.
This is straightforward to do from the Windows Live ID Application page at
You need to enter the following details
The application name is a unique and friendly name that you use to refer to your application.
The return URL is the URL of the page on your Web site to which the Windows Live ID authentication service redirects users (along with the authentication token) after they have successfully signed in, signed out, or cleared their cookies. You must create a page on your site corresponding to the return URL, to handle the response from the authentication service
The secret key is a shared secret between you and Windows Live ID. Windows Live ID uses this key to encrypt and sign all tokens that it sends to your site. You should choose a secret key that is difficult to guess and create security procedures to manage this key.
and you're all set - the application ID you get is a 16-character string that represents your application which you'll use later.
To test out the system, I simply extended the python sample to run from a web-site (which I specified when registering the application) and needed to change the Application-Key.xml file which was supplied as part of the python sample, with details of my registered application.
In summary, I found it quick and easy to set up a simple test application using the Window Live ID Web authentication process which I can use in the future across my collection of web-sites as a single mechanism for user authentication.
As mentioned earlier in-depth information is available directly from Microsoft at