I'm building a site where people from an organization will log in with their organization-provided Google Apps accounts. The site uses DotNetOpenAuth's standard OpenID sample code to authenticate with the Google OpenID provider.

OpenID is enabled on this Google Apps domain, but when I attempt to authenticate a user via the https://google.com/accounts/o8/site-xrds?hd=domain.com endpoint, I get the following error:

Error occurred while sending a direct message or getting the response.

However, if I use the standard https://www.google.com/accounts/o8/id endpoint and sign in with my Google Apps account, it works!

Why does the same Google Apps account produce two different results: one endpoint works, the other fails to authenticate properly?

1 Answer

Google Apps doesn't follow the OpenID 2.0 protocol exactly. It has a proprietary discovery mechanism which DotNetOpenAuth doesn't have switched on by default.

Check out the sample from SourceForge in the OpenIdRelyingPartyWebForms project's loginGoogleApps.aspx file. You'll see that its code-behind adds Google Apps discovery to the OpenIdRelyingParty class. If you do this, I think it will work for you too.
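
The change the answer describes, written out as an added example (not code from the original post or from the DotNetOpenAuth sample): Google's hosted host-meta discovery is inserted ahead of the standard discovery services, and a login is accepted only when the claimed identifier is hosted under the organization's domain. The class name, the `domain.com` placeholder and the host check are assumptions for illustration.

```csharp
using System;
using System.Web.Security;
using System.Web.UI;
using DotNetOpenAuth.Messaging;
using DotNetOpenAuth.OpenId;
using DotNetOpenAuth.OpenId.RelyingParty;

public partial class LoginGoogleApps : Page
{
    // Assumption: placeholder for the organization's Google Apps domain.
    private const string OrgDomain = "domain.com";

    // One relying party for the application, with Google Apps discovery enabled.
    private static readonly OpenIdRelyingParty relyingParty = CreateRelyingParty();

    private static OpenIdRelyingParty CreateRelyingParty()
    {
        var rp = new OpenIdRelyingParty();
        // Google Apps discovery is not on by default; insert it first so it is
        // tried before the standard OpenID 2.0 discovery services.
        rp.DiscoveryServices.Insert(0, new HostMetaDiscoveryService { UseGoogleHostedHostMeta = true });
        return rp;
    }

    protected void Page_Load(object sender, EventArgs e)
    {
        IAuthenticationResponse response = relyingParty.GetResponse();
        if (response == null)
        {
            try
            {
                // Discovery starts from the bare domain, not the generic Google endpoint.
                relyingParty.CreateRequest(OrgDomain).RedirectToProvider();
            }
            catch (ProtocolException ex)
            {
                Response.Write(Server.HtmlEncode("OpenID discovery failed: " + ex.Message));
            }
            return;
        }

        // Assumption: Google Apps claimed identifiers live under the organization's
        // own domain, so any other host is rejected even if the assertion verifies.
        bool authenticated = response.Status == AuthenticationStatus.Authenticated;
        string host = authenticated ? new Uri(response.ClaimedIdentifier.ToString()).Host : null;
        if (authenticated && string.Equals(host, OrgDomain, StringComparison.OrdinalIgnoreCase))
            FormsAuthentication.RedirectFromLoginPage(response.ClaimedIdentifier.ToString(), false);
        else
            Response.StatusCode = 403;
    }
}
```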