Browser ID

JavaScript is at the very heart of Persona: even its server-side components are written in JavaScript, thanks to Node.js. The Persona team is currently writing a series of fortnightly blog posts on our experience with Node.js, and the first four ... [More] articles are already available: Tracking Down Memory Leaks in Node.js Fully Loaded Node Using Secure Client-Side Sessions to Build Simple and Scalable Node.js Applications Fantastic Front-End Performance Part 1 – Concatenate, Compress & Cache This is just the beginning of the Node.js Holiday Season blog series — we have eight more articles planned. [Less]

JavaScript is at the very heart of Persona: even its server-side components are written in JavaScript, thanks to Node.js. The Persona team is currently writing a series of fortnightly blog posts on our experience with Node.js, and the first four ... [More] articles are already available: Tracking Down Memory Leaks in Node.js Fully Loaded Node Using Secure Client-Side Sessions to Build Simple and Scalable Node.js Applications Fantastic Front-End Performance Part 1 – Concatenate, Compress & Cache This is just the beginning of the Node.js Holiday Season blog series – we have eight more articles planned. [Less]

JavaScript is at the very heart of Persona: even its server-side components are written in JavaScript, thanks to Node.js. The Persona team is currently writing a series of fortnightly blog posts on our experience with Node.js, and the first four ... [More] articles are already available: Tracking Down Memory Leaks in Node.js Fully Loaded Node Using Secure Client-Side Sessions to Build Simple and Scalable Node.js Applications Fantastic Front-End Performance Part 1 – Concatenate, Compress & Cache This is just the beginning of the Node.js Holiday Season blog series – we have eight more articles planned. [Less]

For the past year Mozilla has been working on an experimental login system that completely eliminates passwords on websites while being safe, secure, and easy to use. Today we’re casting off the “experimental” label and announcing the first “beta” ... [More] release of Persona. Persona is ready to use for authentication: it works in all major smartphone, tablet, and desktop browsers, the user experience has been thoroughly reviewed and polished, we’re committed to the core APIs, and its infrastructure is highly available and stable. What’s it like to integrate Persona? Check out this video from The Times Crossword: “[Persona] was definitely easier than OpenID or OAuth because it can almost all be done on the client side in JavaScript.” — David Somers, News International We haven’t just refined Persona, we’ve also significantly improved it since we first introduced it. Over the past few months we: Completely refreshed our brand, changing from the “BrowserID” codename to “Persona.” Developed an entirely new (and better) API. Streamlined the first-time user experience. Added support for showing your site’s name and logo in the login dialog. Enhanced the login dialog to optionally include links to your site’s terms of service and privacy policy. These changes have been well received and we’re seeing Persona gain traction outside of Mozilla. If you are a developer, now is the time to try Persona out. Persona is an open source project and we gladly welcome input and collaboration from the broader community via our mailing list or our IRC channel (#identity on irc.mozilla.org). This is the first of many beta releases, and we have some fantastic things planned for the future. So, what are you waiting for? Persona coexists well with existing login systems and only takes a single afternoon to integrate. What’s more, because Persona logins are based on email addresses, sites still maintain a direct relationship with their users. Check out the documentation and add Persona to your site today! [Less]

For the past year Mozilla has been working on an experimental login system that completely eliminates passwords on websites while being safe, secure, and easy to use. Today we’re casting off the “experimental” label and announcing the first “beta” ... [More] release of Persona. Persona is ready to use for authentication: it works in all major smartphone, tablet, and desktop browsers, the user experience has been thoroughly reviewed and polished, we’re committed to the core APIs, and its infrastructure is highly available and stable. What’s it like to integrate Persona? Check out this video from The Times Crossword: “[Persona] was definitely easier than OpenID or OAuth because it can almost all be done on the client side in JavaScript.” — David Somers, News International We haven’t just refined Persona, we’ve also significantly improved it since we first introduced it. Over the past few months we: Completely refreshed our brand, changing from the “BrowserID” codename to “Persona.” Developed an entirely new (and better) API. Streamlined the first-time user experience. Added support for showing your site’s name and logo in the login dialog. Enhanced the login dialog to optionally include links to your site’s terms of service and privacy policy. These changes have been well received and we’re seeing Persona gain traction outside of Mozilla. If you are a developer, now is the time to try Persona out. Persona is an open source project and we gladly welcome input and collaboration from the broader community via our mailing list or our IRC channel (#identity on irc.mozilla.org). This is the first of many beta releases, and we have some fantastic things planned for the future. So, what are you waiting for? Persona coexists well with existing login systems and only takes a single afternoon to integrate. What’s more, because Persona logins are based on email addresses, sites still maintain a direct relationship with their users. Check out the documentation and add Persona to your site today! [Less]

Later this month, we will be announcing the first “beta” release of Persona. Part of that announcement will include committing to long-term support for our APIs, so that developers can more confidently rely on Persona in their sites and applications. ... [More] This post will serve to outline the deprecation strategy that Persona will adopt for its beta releases. How is deprecation handled? Before deprecating or making backwards incompatible changes to stable APIs, the Persona team will announce the change on the Persona-notices mailing list. The team will also add deprecation warnings to the relevant code and documentation. The notice will be posted at least six months prior to the change taking effect. After posting the notice, the team will listen for feedback and monitor the ongoing use of the API. Depending on these metrics, the deadline may be extended once by an additional six months. Any extension will be communicated via the Persona-notices mailing list. Can changes happen more quickly? Yes. If a security vulnerability necessitates a backwards incompatible change to a stable API, then that change may be expedited and a message will be sent to Persona-notices. Backwards compatible and cosmetic changes may also be expedited. What APIs are covered? Beta 1 will only stabilize the subset of Persona APIs that are necessary for authenticating users. Subsequent beta releases will eventually extend this commitment to the remaining APIs, Persona’s data formats, and the cross-browser shim. Specifically, the first beta release will only commit to: id.watch() and its loggedInUser, onlogin, and onlogout options. id.logout() without any parameters. id.request() with its oncancel, privacyPolicy, termsOfService, returnTo, siteName, and siteLogo options. id.get() with its privacyPolicy, termsOfService, siteName, and siteLogo options. What about APIs that are already deprecated? APIs that are undocumented or already marked as deprecated may be removed more rapidly. This includes: id.getVerifiedEmail(). The loggedInEmail and onready options for id.watch(). The privacyURL and tosURL options for id.request(). id.logout() when passed a callback as its first parameter. The requiredEmail, silent, privacyURL, and tosURL options for id.get(). If you are using any of these undocumented or deprecated APIs, please update your code. As per usual, backwards incompatible deprecations will be announced on the Persona-notices mailing list in advance. What resources are available to help with upgrades? While the APIs are fully documented on MDN, the Persona team is committed to supporting developers that rely on Persona. If you have questions regarding upgrading your code in response to a deprecation notice, please contact us via the dev-identity mailing list or stop by our IRC channel: #identity on irc.mozilla.org. Lastly, if your site depends on Persona, or you are supporting people who do, please subscribe to the Persona-notices mailing list. [Less]

Later this month, we will be announcing the first “beta” release of Persona. Part of that announcement will include committing to long-term support for our APIs, so that developers can more confidently rely on Persona in their sites and applications. ... [More] This post will serve to outline the deprecation strategy that Persona will adopt for its beta releases. How is deprecation handled? Before deprecating or making backwards incompatible changes to stable APIs, the Persona team will announce the change on the Persona-notices mailing list. The team will also add deprecation warnings to the relevant code and documentation. The notice will be posted at least six months prior to the change taking effect. After posting the notice, the team will listen for feedback and monitor the ongoing use of the API. Depending on these metrics, the deadline may be extended once by an additional six months. Any extension will be communicated via the Persona-notices mailing list. Can changes happen more quickly? Yes. If a security vulnerability necessitates a backwards incompatible change to a stable API, then that change may be expedited and a message will be sent to Persona-notices. Backwards compatible and cosmetic changes may also be expedited. What APIs are covered? Beta 1 will only stabilize the subset of Persona APIs that are necessary for authenticating users. Subsequent beta releases will eventually extend this commitment to the remaining APIs, Persona’s data formats, and the cross-browser shim. Specifically, the first beta release will only commit to: id.watch() and its loggedInUser, onlogin, and onlogout options. id.logout() without any parameters. id.request() with its oncancel, privacyPolicy, termsOfService, returnTo, siteName, and siteLogo options. id.get() with its privacyPolicy, termsOfService, siteName, and siteLogo options. What about APIs that are already deprecated? APIs that are undocumented or already marked as deprecated may be removed more rapidly. This includes: id.getVerifiedEmail(). The loggedInEmail and onready options for id.watch(). The privacyURL and tosURL options for id.request(). id.logout() when passed a callback as its first parameter. The requiredEmail, silent, privacyURL, and tosURL options for id.get(). If you are using any of these undocumented or deprecated APIs, please update your code. As per usual, backwards incompatible deprecations will be announced on the Persona-notices mailing list in advance. What resources are available to help with upgrades? While the APIs are fully documented on MDN, the Persona team is committed to supporting developers that rely on Persona. If you have questions regarding upgrading your code in response to a deprecation notice, please contact us via the dev-identity mailing list or stop by our IRC channel: #identity on irc.mozilla.org. Lastly, if your site depends on Persona, or you are supporting people who do, please subscribe to the Persona-notices mailing list. [Less]

We are happy to see Persona gaining traction in the developer community, with dozens of sites and services integrating Persona to simplify and speed up the login process while simultaneously eliminating site-specific passwords for users. Some recent ... [More] Persona adopters include: LoginRadius, an embeddable authentication widget, permits quick integration of Persona and other authentication systems within many platforms, languages, and frameworks. We’re excited to see Persona amongst their login offerings, giving their partners a new, simple way to authenticate users. Mahara, an open source e-portfolio system used by educational institutions around the world, has implemented Persona as an authentication system to allow users to log in to their portfolios and collaborate with others in groups on projects. Persona is included by default as of version 1.5 which was released in April 2012. Koha, a popular integrated library system, is planning to include Persona as one of the default login mechanisms as of version 3.12. With this integration, both librarians and visitors will be able to access library resources using Persona. The Eclipse Foundation is building Persona into the 1.0 release of Orion, an IDE that runs as a web application. By logging in with Persona, users will be able to organize projects and collaboratively develop software from the comfort of their browser. For Ruby developers, OmniAuth offers a Persona module courtesy of Intridea. It’s available on GitHub at https://github.com/intridea/omniauth-browserid. Similarly, Node.js developers can leverage Persona thanks to a Passport module from Jared Hanson of Helixent Technologies. The module is available on GitHub at https://github.com/jaredhanson/passport-browserid. Lastly, a groundswell of community support has helped produce many more libraries and plugins, which you can find on our GitHub Wiki. If you’re curious about Mozilla’s own use of Persona, we’ll blog about that shortly. Until then, check out the django-browserid library – it already handles the authentication on sites like MDN. If you’re considering adding Persona to your application or website, you can find documentation on MDN. Don’t forget to keep in touch via our mailing list or by tweeting with the #mozPersona hash-tag. [Less]

We are happy to see Persona gaining traction in the developer community, with dozens of sites and services integrating Persona to simplify and speed up the login process while simultaneously eliminating site-specific passwords for users. Some recent ... [More] Persona adopters include: LoginRadius, an embeddable authentication widget, permits quick integration of Persona and other authentication systems within many platforms, languages, and frameworks. We’re excited to see Persona amongst their login offerings, giving their partners a new, simple way to authenticate users. Mahara, an open source e-portfolio system used by educational institutions around the world, has implemented Persona as an authentication system to allow users to log in to their portfolios and collaborate with others in groups on projects. Persona is included by default as of version 1.5 which was released in April 2012. Koha, a popular integrated library system, is planning to include Persona as one of the default login mechanisms as of version 3.12. With this integration, both librarians and visitors will be able to access library resources using Persona. The Eclipse Foundation is building Persona into the 1.0 release of Orion, an IDE that runs as a web application. By logging in with Persona, users will be able to organize projects and collaboratively develop software from the comfort of their browser. For Ruby developers, OmniAuth offers a Persona module courtesy of Intridea. It’s available on GitHub at https://github.com/intridea/omniauth-browserid. Similarly, Node.js developers can leverage Persona thanks to a Passport module from Jared Hanson of Helixent Technologies. The module is available on GitHub at https://github.com/jaredhanson/passport-browserid. Lastly, a groundswell of community support has helped produce many more libraries and plugins, which you can find on our GitHub Wiki. If you’re curious about Mozilla’s own use of Persona, we’ll blog about that shortly. Until then, check out the django-browserid library – it already handles the authentication on sites like MDN. If you’re considering adding Persona to your application or website, you can find documentation on MDN. Don’t forget to keep in touch via our mailing list or by tweeting with the #mozPersona hash-tag. [Less]

We are happy to see Persona gaining traction in the developer community, with dozens of sites and services integrating Persona to simplify and speed up the login process while simultaneously eliminating site-specific passwords for users. Some recent ... [More] Persona adopters include: LoginRadius, an embeddable authentication widget, permits quick integration of Persona and other authentication systems within many platforms, languages, and frameworks. We’re excited to see Persona amongst their login offerings, giving their partners a new, simple way to authenticate users. Mahara, an open source e-portfolio system used by educational institutions around the world, has implemented Persona as an authentication system to allow users to log in to their portfolios and collaborate with others in groups on projects. Persona is included by default as of version 1.5 which was released in April 2012. Koha, a popular integrated library system, is planning to include Persona as one of the default login mechanisms as of version 3.12. With this integration, both librarians and visitors will be able to access library resources using Persona. The Eclipse Foundation is building Persona into the 1.0 release of Orion, an IDE that runs as a web application. By logging in with Persona, users will be able to organize projects and collaboratively develop software from the comfort of their browser. For Ruby developers, OmniAuth offers a Persona module courtesy of Intridea. It’s available on GitHub at https://github.com/intridea/omniauth-browserid. Similarly, Node.js developers can leverage Persona thanks to a Passport module from Jared Hanson of Helixent Technologies. The module is available on GitHub at https://github.com/jaredhanson/passport-browserid. Lastly, a groundswell of community support has helped produce many more libraries and plugins, which you can find on our GitHub Wiki. If you’re curious about Mozilla’s own use of Persona, we’ll blog about that shortly. Until then, check out the django-browserid library — it already handles the authentication on sites like MDN. If you’re considering adding Persona to your application or website, you can find documentation on MDN. Don’t forget to keep in touch via our mailing list or by tweeting with the #mozPersona hash-tag. [Less]