If you are using a web application that uses Windows Live, such as Microsoft Dynamics CRM Live, you might be wondering, how does authentication work.
The first step in the process is that the web application registers with the Windows Live ID service. This registration includes creating unique keys for the application and storing a URL that the Live ID service will use to redirect users after signing into Windows Live ID. The 2nd step is when the application wants to authenticate the user. The application will provide the 'sign-in' link on it's web page. The user when clicking on the link will be redirecting to sign-in page hosted by Windows Live ID. When this happens a token is also passed that identifies the application. By passing in a token that was given to the application at time of registration, the sign-in page understands who is calling it. The 3rd step is that the user logins into Live ID. After logging into Live, the Live service redirects the user to the applications designated page that it registered with. The application can then redirect back to the original landing page the user came in on. Presto, you are authenticated to the Web application.
Microsoft, Windows Live, Live ID, Windows Live ID, Knowledgebase