RESO and OpenID Connect: The Future of Your Identity
As I mentioned yesterday, I’m at the RESO conference in Austin this week. In addition to the session on Universal Property ID, I’m also excited to hear FBS’s very own Cal Heldenbrand give a presentation on OpenID Connect, which is a new identity management standard being advocated for adoption by RESO to solve many of the login and identity management pain points we have across the industry.
Below is an article Cal wrote explaining a bit about OpenID Connect and its advantages to the real estate industry. If you happen to be in Austin, you also should check out Cal’s presentation on the last day of the conference. Identity is central to, well, everything, so this is an incredibly important topic.
By Cal Heldenbrand
You’re all likely pretty familiar with the options many web sites have offered for years to login to the site with your Google, Facebook, or other credentials. Here’s an example from Sears:
Even though the changes visible to us on the front-end have been relatively minor, a majority of the large Silicon Valley companies have been doing something amazing under the hood in creating a new, open standard called OpenID Connect that powers these options for users.
OpenID Connect is supported by Google, Amazon, Microsoft, PayPal, eBay, IBM, and many more, all of which have worked together to create the standard. Some of the key advantages of OpenID Connect are that you can own and control your identity easier than ever before, you’ll have fewer passwords to manage, identity can be federated across disparate vendors, and your favorite mobile apps and web sites can work better together.
In this post, I’m going to discuss how OpenID Connect and the benefits it offers applies to real estate technology and why RESO also should adopt this standard. First, let’s look into the access controls you can have.
Google has implemented OpenID Connect with its federated identity system and so you may have seen the new options under your Google profile for managing your authorized accounts. You can see who you’ve allowed to use your identity using Google’s sign-in and, more importantly, it shows you what level of access you’ve granted and allows you to revoke that access at any time. For example, here’s what an authorization to Stack Exchange looks like:
At any time, a user can decide to remove the authorization. The website no longer has access to account information like name, email address, and phone numbers. In the history of the web, this has rarely been an option. When a user is in control of their identity, they have the power to say, “No thanks, I don’t want you to have my personal information.”
Applying this to real estate, using OpenID Connect will allow members of the MLS to use their MLS credentials to sign into any of the other web sites or apps they use and select which aspects of their identity are given to a website or product. Don’t want to give out a phone number? Uncheck the box. Want to remove properties from an IDX website? Revoke access.
The benefits also go beyond identity ownership to improving how different companies work together using federation. The term federation, just like SSO, is a broadly defined concept, but it’s similar to SSO in that it provides implicit access to other websites with a single log in. Without diving too far into the technical details, federation also gives a single login session the ability to access other identity providers as well and allows your identity to travel with you to all of the places that you’re authorized to be.
What benefit does federation provide in the real estate space? Think about overlapping MLS markets, where agents belong to multiple MLSs, often with different systems, requiring different logins and passwords. OpenID Connect provides a solution to that problem with federated identity. With a federated identity, MLS members can log into several MLS vendors by entering a single password, one time. Furthermore, that one authentication could be used to log into other real estate sites, with each site only authorized to access the content the member authorized and, at any time, the member can revoke that access.
In addition to providing amazing benefits for the end users, OpenID Connect is easy to use and quick to implement for software developers. Our current methods of SSO integrations can take several weeks to complete. With OpenID Connect, that process turns into minutes. For most applications, there is no programming required to add a new identity provider. In addition, because OpenID Connect is a well-defined standard, adding an MLS system authentication option to a website is the exact same process as adding Google, or Amazon, or Microsoft. It really is “plug and play,” with no strings attached.
Another benefit is mobile integrations. We all know that today’s world is mobile and that mobile apps are more frequently accessed that many of the web sites we use. OpenID Connect also significantly improves integration of web sites with mobile companion applications by allowing a single authentication to give simultaneous access to both a mobile native app and a website. For example, if a user logs into a CMA product’s mobile app and authorizes access to the MLS listings, a subsequent log in at the CMA website could now have the same authorization to access the listings without having to ask again.
To fully test out how easy OpenID Connect is to work with, I applied to certify our Spark Platform implementation and was granted certification on in early October. Of course, developers who just want to use the standard don’t need to go through this process but we wanted to fully vet the process and get our Spark Platform and Flexmls systems ready to rock-and-roll with OpenID Connect so we can start to provide our customers some of the many benefits discussed above.
For all of the above reasons, OpenID Connect is an excellent standard ready-made for real estate and so RESO should adopt this standard as well. There are a lot of proprietary, vendor lock-in compatibility problems in the real estate sector, and OpenID Connect is the perfect vehicle to start breaking down those barriers for the benefit of our mutual customers.