Ready for Trial: Federated Credentials Management API (was WebID)

191 views
Skip to first unread message

Sam Goto

unread,
Feb 15, 2022, 11:59:41 AMFeb 15
to blink-dev, Sam Goto

Contact emails

go...@google.com


Explainer

https://github.com/fedidcg/FedCM


Specification

https://fedidcg.github.io/FedCM/


Design docs

https://github.com/fedidcg/FedCM


Summary

A Web Platform API that allows users to login to websites with their federated accounts in a privacy preserving manner.


Blink component

Blink


TAG review

https://github.com/w3ctag/design-reviews/issues/622 (early TAG review, deeper dive next)


TAG review status

Pending


Risks


Interoperability and Compatibility

Zero compatibility risk (new API)

Interoperability risk not yet known, currently working on getting formal signals


Gecko: No signal


WebKit: No signal


Web developers: No signals


Other signals: This proposal has been presented in TPAC 2022/2021 and the last two BlinkOn sessions. This API was initially incubated at the WICG and is now being developed within the FedID CG with attendance of identity providers, browser vendors and standards experts. 


Goals for experimentation

Learn about demand, requirements, ergonomics and deployment viability.


Ongoing technical constraints


  • Currently, limited Android only implementation

  • Currently, only ID tokens provided, no access or refresh tokens

  • Currently, limited session management functionality (only front-channel logout)


Debuggability

Basic devtools integration supported (tracking bug, HOWTO). More to come as we learn.


Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, Chrome OS, Android, and Android WebView)?

At I2S, we expect the feature to be available on all platforms (Windows, Mac, Linux, ChromeOS and Android) but WebView. The current implementation is currently only supported on Android, with Desktop (Windows/Mac/Linux/ChromeOS) coming next.


Is this feature fully tested by web-platform-tests?

Yes


DevTrial instructions

https://github.com/fedidcg/FedCM/blob/main/explainer/HOWTO.md


Flag name

fedcm


Requires code in //chrome?

True


Tracking bug

https://bugs.chromium.org/p/chromium/issues/detail?id=1216142


Launch bug

https://bugs.chromium.org/p/chromium/issues/detail?id=1216142


Estimated milestones


Devtrial on Desktop 104

OriginTrial on Android 101

DevTrial on Android 100


Link to entry on the Chrome Platform Status

https://chromestatus.com/feature/6438627087220736


Links to previous Intent discussions

Intent to prototype: https://groups.google.com/a/chromium.org/g/blink-dev/c/2B4TJ7j2U4M/m/1X5T3OszCAAJ



This intent message was generated by Chrome Platform Status.


Ian Kilpatrick

unread,
Feb 15, 2022, 1:07:04 PMFeb 15
to Sam Goto, blink-dev, Sam Goto
On Tue, Feb 15, 2022 at 8:59 AM Sam Goto <go...@chromium.org> wrote:

Contact emails

go...@google.com


Explainer

https://github.com/fedidcg/FedCM


Specification

https://fedidcg.github.io/FedCM/


Design docs

https://github.com/fedidcg/FedCM


Summary

A Web Platform API that allows users to login to websites with their federated accounts in a privacy preserving manner.


Blink component

Blink



Should this component be Blink>SecurityFeature>CredentialManagement ?
 
--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CALdEk-xvmkkTbnhxO-8oX3G5E1%2BjvvNQ2xAf4TozWZbmi47eEA%40mail.gmail.com.

Sam Goto

unread,
Feb 15, 2022, 1:10:08 PMFeb 15
to Ian Kilpatrick, Chris Wilson, blink-dev, Sam Goto
On Tue, Feb 15, 2022 at 10:06 AM Ian Kilpatrick <ikilp...@chromium.org> wrote:


On Tue, Feb 15, 2022 at 8:59 AM Sam Goto <go...@chromium.org> wrote:

Contact emails

go...@google.com


Explainer

https://github.com/fedidcg/FedCM


Specification

https://fedidcg.github.io/FedCM/


Design docs

https://github.com/fedidcg/FedCM


Summary

A Web Platform API that allows users to login to websites with their federated accounts in a privacy preserving manner.


Blink component

Blink



Should this component be Blink>SecurityFeature>CredentialManagement ?

Ah, yes, thanks! Better yet, we have a Blink > Identity > FedCM component!

FWIW, unrelated, but Chris, I think I wasn't able to find that component in the chromestatus tool. Will follow up separately.

Ian Kilpatrick

unread,
Feb 15, 2022, 1:13:22 PMFeb 15
to Sam Goto, Chris Wilson, blink-dev, Sam Goto
Great - thanks! Panos may be the right person to reach out to about this.

Ian

Balazs Engedy

unread,
Feb 22, 2022, 10:20:08 AMFeb 22
to blink-dev, Ian Kilpatrick, Chris Wilson, blink-dev, Sam Goto, Sam Goto
Point of clarification: In the "Estimated milestones" section you mention an origin trial coming up pretty soon. Can you please confirm that the team is going to send out an "Intent to Experiment" before you move on to that stage?

To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscribe@chromium.org.

Sam Goto

unread,
Feb 22, 2022, 12:30:49 PMFeb 22
to Balazs Engedy, blink-dev, Ian Kilpatrick, Chris Wilson, Sam Goto
Yes.

To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.
Reply all
Reply to author
Forward
0 new messages