VZ-Login
VZ-Login allows your users to sign up and log in to your web site using their VZ credentials.
Contents
Authentication and Authorization
Authentication and authorization is based on the emerging OpenID Connect protocol, which is based on the OAuth 2 specification. See OpenID_Connect for details. For security reasons you must assure that Authorization-, Token and API Endpoints that are secured through OAuth 2.0 are access through SSL and that you are verifying the server certificates. Otherwise your implementation is susceptible to man-in-the-middle attacks.
Alternatively you can also use OAuth 1.0a three-legged authentication to enable users to sign up and log in with their credentials but you will only retrieve an OAuth 1 access token from the authorization endpoint and not an identifier for the authorizing user. However with this access token it is possible to call the OpenSocial REST Api as well, where you can also fetch data for the currently authorized user without knowing his id beforehand (See Gadgets_REST_People#Request).
API
To retrieve User Data you can use the Portable Contacts compatible OpenSocial REST or RPC API.
Tutorial
Client profiles and libraries
VZ-Login can be used with different client profiles which closely resemble the OAuth2 client profiles:
Standard Web Server Profile or OAuth1
This uses the OAuth2 Web Server profile.
See Client_Libraries for a server side library to support you with an implementation.
User Agent Profile
This uses the OAuth2 User Agent profile.
The Client_Libraries at also provide example for this profile, but you can implement VZ-Login event more easily this way by using our JS-Library.
Client credentials
You can register your client application with a normal VZ-Developer account in the Developer Sandbox under "VZ-ID Services".
Connect VZ-Login with an OpenSocial Gadget
See Gadgets_REST#Combining_Two_Legged_and_Three_Legged_access_into_one_consumer
Interface
You should use one of the following Login Buttons as a starting point for the VZ-Login flow: