Yadis


Yadis is a communications protocol for discovery of services such as OpenID, OAuth, and XDI connected to a Yadis ID. While intended to discover digital identity services, Yadis is not restricted to those. Other services can easily be included.
A Yadis ID can either be a traditional URL or a newer XRI i-name, where the i-name must resolve to a URL. The so-called Yadis URL either equals the Yadis ID or the resolved URL of the XRI i-name.
Furthermore, Yadis specifies how to use the Yadis URL to retrieve a service descriptor called Yadis Resource Descriptor. This descriptor follows the XRDS format and connects several services, like authentication or authorization to the Yadis URL. Each service description can have further parameters.

Modular architecture

Yadis follows the REST-ful, "small pieces loosely joined" paradigm that has proven to be successful in the development of the web.
The basic assumption is that identities can be addressed with URLs or with other identifiers that can be resolved to URLs. Yadis then associates an XRDS document with each URL that expresses the associated capabilities or services.
The owner of a Yadis identifier can choose which services he wishes to use in his XRDS document. After retrieving this document, a relying party such as a website accepting Yadis identifiers can select an appropriate services of the XRDS document, e.g. a protocol to use for authentication. This can allow existing web sites, like blogs, to easily implement basic Yadis functionality while also making it possible to build more advanced applications.

Discovery of the Yadis Resource Descriptor

The capability document associated with an identity URL is found either:
  1. By following a custom HTTP response header called X-XRDS-Location,
  2. By an equivalent entry in the HTML HEAD section, called
<meta http-equiv="X-XRDS-Location" content="http://example.com/yadis.xml">, or
  1. By requesting a special mime type called application/xrds+xml when performing an HTTP GET on the identity URL.
Developers can choose which of the alternatives to implement, based on factors such as whether they can run software at the identity URL or not.

XRDS documents

Here is an example XRDS capability document:


xmlns:openid="http://openid.net/xmlns/1.0">


http://openid.net/signon/1.0
http://www.myopenid.com/server
http://smoker.myopenid.com/


http://openid.net/signon/1.0
http://www.livejournal.com/openid/server.bml
http://www.livejournal.com/users/frank/


http://lid.netmesh.org/sso/2.0
http://mylid.net/liddemouser


http://lid.netmesh.org/sso/1.0




If this XRDS document was returned, using one of the listed mechanisms, for a URL, it would express the following information:
Yadis was initiated by developers of the Light-Weight Identity and OpenID protocols. This collaboration was then joined by members of the OASIS XRI Technical Committee, particularly those working on i-names.
However, Yadis is an open initiative, so other developers will start using XRDS lightweight capabilities description, making possible a "mix and match" approach to building Yadis-enabled applications, enabling application developers to choose their own balance between ease of implementation on one hand, and range of features on the other.