Windows Live ID Web Authentication SDK

This topic describes functionality that will be obsolete. This functionality is provided only to support legacy applications. Live Connect incorporates features that provide equivalent functionality.

[Web Authentication is designed for use only by sites that are not affiliated with Microsoft. If your site is associated with Microsoft, please contact the Windows Live ID team to determine the proper implementation.]

As more Web sites begin to offer personalized services, the need for an easy-to-use authentication system has grown. Many sites are also incorporating services that are familiar to their users—for example, Windows Live™ services and controls. In light of these trends, many Web site operators and developers have expressed interest in incorporating Windows Live ID authentication into their sites. This software development kit (SDK) describes how you can use the Windows Live ID service.

With Windows Live ID Web Authentication version 1.2, you can use the Windows Live ID service to verify the identity of visitors to your site, so that you can offer personalized access to your site’s content by the millions of registered Windows Live ID users. Windows Live ID provides you with a unique, site-specific identifier for each Windows Live user who signs in to your site. Web Authentication also enables you to incorporate Windows Live controls into your site.

Included with this SDK are QuickStart sample applications that implement Web Authentication in C#, Visual Basic® .NET, Java, Perl, PHP, Python, and Ruby programming languages. You can get the sample applications for this SDK from the Web Authentication download page on

Web Authentication works by sending your users to the Windows Live ID sign-in page by means of a specially formatted link. The service then directs them back to your Web site along with a unique, site-specific identifier that you can use to manage personalized content, assign user rights, and perform other tasks for the authenticated user. Sign-in and account management is performed by Windows Live ID, so you don't have to worry about implementing these details. Windows Live ID profile data is not shared with your site.

With Web Authentication, you can also customize the sign-in and registration pages that your users see when supplying or creating their Windows Live ID credentials. Customization helps you create a seamless experience for users when they visit your site. For details, see Customizing Sign-in and Registration.

It's easy to start using the Windows Live ID service on your site. The following steps outline the six general tasks involved in implementing Web Authentication:

  1. Register your application. For details, see Getting Your Client ID for Web Authentication.
    You do not have to register to run the QuickStart samples, but you must register before you can extend the samples for use on your live Web site.
  2. Install and run the QuickStart sample application for your platform. For details, see QuickStart Samples for Web Authentication.
  3. Display the Sign in link on your page. For details, see Displaying the Sign-in Link.
  4. Decrypt the token returned by Windows Live ID to obtain the user's unique identifier. In the sample application, the token is stored in a session cookie called "webauthtoken" to keep the user signed in to your site across multiple page views. For details, see Handling the Response from the Service.
  5. Display or store content or personalized data and settings—for example, Windows Live controls—for your user, based on your site's security policies. For details, see Incorporating Windows Live Controls.
  6. Sign the user out. For details, see Handling the Response from the Service.

Ready to begin? Move on to Getting Started with Web Authentication.

Other Resources

Live Connect