DotNetOpenAuth, previously named DotNetOpenId, is getting nearer to its major 3.0 release.   With beta 2, we have a security reviewed, feature complete library for .NET use of the OAuth and OpenID protocols. 

Although Beta 1 was very rough and was not recommended for use in production, Beta 2 has passed enough security, interop and stability tests to warrant live web sites to use this version.  It’s not “release” quality yet, but mostly that’s due to needed stabilization time and to hear feedback from early beta 2 adopters to apply any final interop fixes for the final version.  DotNetOpenAuth v3.0 Beta 2 has some very significant features that are new since the last release of DotNetOpenId v2.x.

Download beta 2 from Google Code or Ohloh.  (The project sites are still called DotNetOpenId, but you’re at the right place).

Major enhancements since beta 1:

  1. Much more stable
  2. Classic ASP support
  3. Tamper protection of callback arguments
  4. ASP.NET State Server and other serialized session stores support

Check out the VersionChanges wiki page for a more complete rundown of the changes since v3.0 beta 1 and earlier versions of DotNetOpenId.

Please leave feedback on the new version here as a comment or at the mailing list.  Questions?  Send them to the same mailing list, or post them at and tag them with “dotnetopenid”.