Intent to Prototype: Lightweight Mode For FedCM

114 views
Skip to first unread message

Erica Kovac

unread,
Nov 4, 2024, 1:44:55 PMNov 4
to blin...@chromium.org, Benjamin VanderSloot

Contact emails

eko...@google.com, joha...@chromium.org, go...@chromium.org


Explainer

https://github.com/fedidcg/LightweightFedCM


Specification

None


Summary

This feature allows Identity Providers (IdPs) to store information about a user's account in the browser ahead of time via the Login Status API, and allow Relying Parties (RPs) to request access to this information via a browser-mediated prompt similar to the current FedCM flow. By storing the account information ahead of time, this eliminates the browser's need to make calls to the accounts endpoint to display the browser-mediated dialog, improving both performance and privacy. Lightweight Mode for FedCM also requires less complex integration for Identity Providers. Currently these benefits come at the cost of reduced freshness for account hint information presented to the user, but future work may address this limitation if there is sufficient developer interest.



Blink component

Blink>Identity>FedCM


Motivation

Lightweight Mode for FedCM provides an alternative mode for FedCM that addresses two concerns with the FedCM specification. One concern relates to the ergonomics of implementing the full FedCM specification as an Identity Provider. Lightweight Mode For FedCM, when coupled with the “FedCM as a trust signal for the Storage Access API” proposal, will provide a simple way to retrofit existing third-party-cookie dependent Identity Provider implementations to make use of the improved FedCM user experience and give users more context to make informed decisions. 


Another concern relates to the “pull” rather than “push” nature of FedCM to allow the user agent to display an account chooser to the user. While FedCM normally issues a credentialed request to an “accounts” endpoint to provide the user with information about available accounts, Lightweight Mode for FedCM addresses this by allowing the Identity Provider to preemptively store user information that can then be displayed by the user agent when presenting the account chooser, instead of issuing a request to IdP before the user has selected an account. This prevents the IdP and RP from colluding to link/identify users without their knowledge via timing attacks.



Initial public proposal

None


TAG review

https://github.com/w3ctag/design-reviews/issues/986


TAG review status

Pending


Risks



Interoperability and Compatibility


The introduction of this feature will not change the behavior of any existing use of the Credential Management or Login Status APIs.

There are still open questions about both UX and functionality described in the explainer that may cause temporary divergence between browser engines.



Gecko: No signal. (Implemented behind a flag.)

WebKit: No signal.


We will request standards positions once the proposal has settled a bit more.


Web developers: No signals.


Other signals:


WebView application risks

Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications?

None



Debuggability

None



Is this feature fully tested by web-platform-tests?

No. Mozilla has contributed partial, tentative tests, though these do not yet reflect the current state of the explainer.


Flag name on chrome://flags

“fedcm-lightweight-credentials”


Finch feature name

“FedCmLightweightCredentials”


Non-finch justification

None


Requires code in //chrome?

True


Estimated milestones

No milestones specified



Link to entry on the Chrome Platform Status

https://chromestatus.com/feature/5136302690009088?gate=5098619653586944


This intent message was generated by Chrome Platform Status.



Reply all
Reply to author
Forward
0 new messages