REST API authentication strategies when using OpenID

What sort of mechanisms are people using to expose their APIs to people if they use OpenID?

On a recent project, I just generated an email + api key pair for each account and I tell people to use that, then my authentication system looks for that in lieu of openID credentials. I’d really be interested to see what others are doing.