- A majority of the large Silicon Valley companies have been doing something amazing under the hood in creating a new, open standard called OpenID Connect.
- OpenID Connect would allow members of the MLS to use their MLS credentials to sign into any of the other websites or apps they use and select which aspects of their identity are given to a website or product.
- The benefits also go beyond identity ownership to improving how different companies work together using federation, which provides implicit access to other websites with a single login.
You’re all likely pretty familiar with the options many websites have offered for years to log in to the site with your Google, Facebook or other credentials. Here’s an example from Sears:
Even though the changes visible to us on the front-end have been relatively minor, a majority of the large Silicon Valley companies have been doing something amazing under the hood in creating a new, open standard called OpenID Connect that powers these options for users.
OpenID Connect is supported by Google, Amazon, Microsoft, PayPal, eBay, IBM and many more, all of which have worked together to create the standard.
Some of the key advantages of OpenID Connect are that you can own and control your identity easier than ever before, you’ll have fewer passwords to manage, identity can be federated across disparate vendors, and your favorite mobile apps and websites can work better together.
In this post, I’m going to discuss how OpenID Connect and the benefits it offers applies to real estate technology and why RESO (the Real Estate Standards Organization) also should adopt this standard. First, let’s look into the access controls you can have.
Google has implemented OpenID Connect with its federated identity system, so you may have seen the new options under your Google profile for managing your authorized accounts.
You can see who you’ve allowed to use your identity using Google’s sign-in and, more importantly, it shows you what level of access you’ve granted and allows you to revoke that access at any time. For example, here’s what an authorization to Stack Exchange looks like:
At any time, a user can decide to remove the authorization. The website no longer has access to account information like name, email address, and phone numbers.
In the history of the Web, this has rarely been an option. When a user is in control of their identity, they have the power to say, “No thanks, I don’t want you to have my personal information.”
Applying this to real estate, using OpenID Connect will allow members of the MLS to use their MLS credentials to sign into any of the other websites or apps they use and select which aspects of their identity are given to a website or product.
Don’t want to give out a phone number? Uncheck the box. Want to remove properties from an IDX website? Revoke access.
The benefits also go beyond identity ownership to improving how different companies work together using federation. The term “federation,” just like SSO (single sign-on), is a broadly defined concept, but it’s similar to SSO in that it provides implicit access to other websites with a single login.
Without diving too far into the technical details, federation also gives a single login session the ability to access other identity providers as well and allows your identity to travel with you to all of the places that you’re authorized to be.
What benefit does federation provide in the real estate space? Think about overlapping MLS markets, where agents belong to multiple MLSs, often with different systems, requiring different logins and passwords.
OpenID Connect provides a solution to that problem with federated identity. With a federated identity, MLS members can log into several MLS vendors by entering a single password, one time.
Furthermore, that one authentication could be used to log into other real estate sites, with each site only authorized to access the content the member authorized and, at any time, the member can revoke that access.
In addition to providing amazing benefits for the end users, OpenID Connect is easy to use and quick to implement for software developers. Our current methods of SSO integrations can take several weeks to complete.
With OpenID Connect, that process turns into minutes. For most applications, there is no programming required to add a new identity provider.
In addition, because OpenID Connect is a well-defined standard, adding an MLS system authentication option to a website is the exact same process as adding Google, or Amazon, or Microsoft. It really is “plug and play,” with no strings attached.
Another benefit is mobile integrations. We all know that today’s world is mobile and that mobile apps are more frequently accessed that many of the websites we use.
OpenID Connect also significantly improves integration of websites with mobile companion applications by allowing a single authentication to give simultaneous access to both a mobile native app and a website.
For example, if a user logs into a CMA product’s mobile app and authorizes access to the MLS listings, a subsequent log in at the CMA website could now have the same authorization to access the listings without having to ask again.
To fully test out how easy OpenID Connect is to work with, I applied to certify our Spark Platform implementation and was granted certification on in early October.
Of course, developers who just want to use the standard don’t need to go through this process, but we wanted to fully vet the process and get our Spark Platform and Flexmls systems ready to rock-and-roll with OpenID Connect so we can start to provide our customers some of the many benefits discussed above.
For all of the above reasons, OpenID Connect is an excellent standard ready-made for real estate and so RESO should adopt this standard, as well. There are a lot of proprietary, vendor lock-in compatibility problems in the real estate sector, and OpenID Connect is the perfect vehicle to start breaking down those barriers for the benefit of our mutual customers.
Note from FBS: OpenID Connect is already 100 percent available for use, and any vendors can use it with no intervention on our part. We are actively seeking Flexmls customers to beta test it.
Cal Heldenbrand is a System Administrator at FBS Data Systems.