Allows Identity Providers (IdPs) to return structured JSON objects instead of plain strings to Relying Parties (RPs) via the id_assertion_endpoint. This change simplifies integration for developers by eliminating the need to manually serialize and parse JSON strings. It enables more dynamic and flexible authentication flows, allowing RPs to interpret complex responses directly and support varied protocols like OAuth2, OIDC, or IndieAuth without out-of-band agreements.
None
n/a
n/a
n/a
Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications?
n/a, FedCM not supported in WebView
Same as other FedCM features. The network view in devtools would be especially helpful for debugging this feature.
FedCM in general is not supported on webview. Supported on all other blink platforms.
https://wpt.fyi/results/fedcm/fedcm-flexible-token?label=experimental&label=master
Shipping on desktop | 143 |
Shipping on Android | 143 |
Open questions about a feature may be a source of future web compat or interop issues. Please list open issues (e.g. links to known github issues in the project for the feature specification) whose resolution may introduce web compat/interop risk (e.g., changing to naming or structure of the API in a non-backward-compatible way).
none