LID Account Model
The LID Account Model is designed to support
- local accounts with local authentication (e.g. traditional username/password)
- remote accounts that can be used to authenticate locally (e.g. via OpenID)
- multiple authentication methods attached to the same local account (e.g. users can log into the same account with either a local username/password or a remote OpenID)
- multiple remote accounts for the same local account (e.g. multiple OpenIDs that can all be used to log into the local account).
It further allows users to authenticate with a remote account (e.g. OpenID) with or without having a local account. This enables application scenarios in which the user authenticates but does not wish to create a long-term relationship with the site / have local information persisted about them.
This means that a LID session either:
- is associated with a local account, but no remote account (user authenticated locally into the local account)
- is associated with a local account and a remote account (user authenticated e.g. via OpenID into a local account)
- is not associated with a local account but with a remote account (user authenticated e.g. via OpenID but has not established a local account).