Intent to Prototype: FedCM-Allow IDP interception of FedCM Request via Service Worker

[Chromestatus]

Contact emails

sures...@microsoft.com

Explainer

https://github.com/w3c-fedid/FedCM/pull/815

Specification

No information provided

Summary

Implement the FedCM Identity Handler, which allows Identity Providers (IDPs) to declare a Service Worker in their config.json that intercepts credentialed FedCM requests (accounts, id_assertion, disconnect). Currently, FedCM fetches to IDP endpoints (accounts, token, disconnect) are made directly by the browser with no opportunity for the IDP to augment the request. This prevents IDPs from: - Adding DPoP (Demonstration of Proof-of-Possession) proof headers - Performing client-side token enrichment or transformation - Implementing custom caching strategies for account responses - Adding attestation or other security headers to credentialed requests The Identity Handler allows IDPs to register a Service Worker that receives an `identityrequest` event for each FedCM endpoint call, enabling request augmentation before it reaches the IDP server. On failure, the browser transparently falls back to normal network fetch. Issue : https://github.com/w3c-fedid/FedCM/issues/80

Blink component

Blink>Identity>FedCM

Web Feature ID

fedcm

Motivation

https://github.com/w3c-fedid/FedCM/issues/80

Initial public proposal

No information provided

Goals for experimentation

None

Requires code in //chrome?

False

Estimated milestones

No milestones specified

Link to entry on the Chrome Platform Status

https://chromestatus.com/feature/5096917819326464?gate=6247307227037696

This intent message was generated by Chrome Platform Status.

[Chromestatus]

Links to previous Intent discussions

Intent to Prototype: https://groups.google.com/a/chromium.org/d/msgid/blink-dev/69ceae01.050a0220.1c79a0.01ae.GAE%40google.com