Extension:OpenID

The extension makes a MediaWiki installation OpenID 2.0-aware and lets users log in using their OpenID identity - a special URL - instead of (or as an alternative to) standard username/password log in. In that way, the MediaWiki acts as the Relying party (RP) = OpenID consumer. As an option, it also allows the MediaWiki to act as OpenID provider, so that users with an account on that wiki can use a special identity URL as their OpenID for logging in to other OpenID-aware web sites.

Databases
The OpenID extension has been confirmed to work with MySQL databases since the beginning, and with PostgreSQL databases since version 3.43, November 2013.

php-openid library
The extension depends on the OpenID PHP library from https://github.com/openid/php-openid. Clone a recent version and move the  subdirectory as explained below in the Installation section.

PHP extensions or modules
You need to install a few additional dependencies as PHP extensions or recompile your PHP if these are not part of your standard PHP installation. When running a server with OpenSUSE you will likely have to add (via YaST or manually) at least the modules.

Download
☉ recommended

Installation
It should work out of the box, but you'll almost definitely want to set the trust root and access controls (see Configuration below).

Configuration

 * Usually, you will be able to start using the extension with the built-in standard settings, i.e. without adding personal parameters in your LocalSettings.

If you want to use personal parameters, then add them after the  line in your.

Bugs and common pitfalls

 * Please check our First aid checklist before asking for help, and please file bugs directly in the Wikimedia bug tracker.


 * After having created an account with OpenID on an OpenID-login-only enabled wiki, account changes which requires a password like Special:ChangeEmail won't work because no password is set, and account changes which require an email (e.g. Special:PasswordReset) won't work because no email is set; see Bug 34357.
 * one MediaWiki acting as OpenID server Bob does not work with another or same MediaWiki acting as OpenID consumer Alice on the same server. Advice for the moment: use two different servers while playing with the extension.
 * when you want to log in to your OpenID-consuming MediaWiki Alice as user X:
 * make sure that you are not logged in to the OpenID identity server Bob as another user Z ; otherwise you will see an error, which is intended.
 * I recommend you log out every persona you may have on server Bob while testing the extension
 * clear your browser cache of all Bob-related cookies, and session cookie.

myOpenID
The OpenID provider myOpenID shut down in February 2014; its users will have to go elsewhere.

Google
Google stopped allowing registration of OpenID accounts from new domains in May 2014. It is slated to be shut down completely in April 2015. They are attempting to switch over all their users to use Google+ Sign-In instead.

For those wikis where Google login with OpenID still works (for now), you can opt-in there to "2-step verification" ("two-factor authentication") because it is compatible with the OpenID extension.

Yahoo!
In June 2013, Yahoo! began allowing users to regain other users' e-mail addresses when they are not used for a certain time. This broke the security of OpenID. The use of Yahoo OpenID therefore became deprecated and was discontinued in the OpenID extension.