Identities and APIs

The furore over Yahoo’s integration of Flickr user accounts into its main user database was probably predictable, but has raised some interesting questions about how users relate to their communities and to what extent they perceive their identities as being vested in both the community and in the data which the community holds about them. But what I found really interesting was this post on O’Reilly Radar which talks about the fact that Flickr has an API to its user database, which now means that, effectively, there is an API to Yahoo’s database too, and the fact that it’s now being used by a third-party website,

I think, unless I’m mistaken, that geobloggers is the first web site (as opposed to cool tool) to have fully intergrated with the new Flickr/Yahoo authentication scheme. The whole site is built on and backended by the Flickr API (while the map interface is managed by the Google maps API). I use Flickr to manage user registraion, login, information and photo storage.

Because the new Flickr API ties in with Yahoo is means that anyone with a Yahoo username can login and use the geobloggers site, without any additional registration. Geobloggers has gone from a potential user base of anyone with a Flickr account, who sent me an email, that I’d have to process by hand, to anyone with a Yahoo Account and I don’t have to do anything. The user base has shot up into the millions, any Yahoo member is a geobloggers member by default. Frankly I actually find that pretty scary.

It’s a fascinating development, which may well be squashed soon, or it may be completely intentional. If I can use my Yahoo ID to sign into a third-party site such as geobloggers, it basically means that Yahoo has made a huge de facto leap towards becoming an online identity standard of the kind which the Liberty Alliance has been attempting to put together. For it to become a really powerful standard, it would have to allow me as a user to define the information about myself which I’m happy to be shared with third parties, and it would have to make that information available via the API to relevant third parties. If it can do that, Yahoo’s user database will leap into another realm altogether – one where its privacy policy will presumably need to be regulated by the UN!