Intent to Experiment: Federated Credentials Management (was WebID)

Skip to first unread message

Sam Goto

Mar 21, 2022, 12:06:17 PMMar 21
to blink-dev, Sam Goto

Contact emails 




A Web Platform API that allows users to login to websites with their federated accounts in a manner compatible with improvements to browser privacy.

In this origin trial, we are interested in experimenting with an account chooser for federated accounts, which we expect to be a foundational infrastructure for the Web going forward.

Blink component

Blink > Identity > FedCM

TAG review

Spec review: 

Early review:  

TAG review status



Interoperability and Compatibility

                Zero compatibility risk (new API)

Interoperability risk not yet known, currently working on getting formal signals.

Gecko: No Signals. standards position filed 

WebKit: No Signals. standards position filed

Web developers: No signals. We have been proactively working with Identity Providers and expect much of the origin trial experimentation to be a determining factor on their position.

Other signals: No signals. This API is being developed within the FedID CG with attendance of identity providers, browser vendors and standards experts. We are working on a community report


  We made a deliberate and concerted effort to make as many backwards

compatible changes as we possibly could to facilitate the adoption of FedCM.

When it wasn’t possible, we favored changes impacting Browsers and Identity

Providers and reduced changes impacting websites and users.

  So far, we think we maintained backwards compatibility with website’s server-

side Infrastructure, which we expect to be a meaningful activation lever.

We believe we found a structure that would make it easy for websites to adopt, but that's one of the risks that we are trying to mitigate as soon as we possibly can as part of the origin trial.

WebView Application Risks

Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications?

This API does not deprecate or change behavior of existing APIs.

Goals for experimentation

To learn about:

  • requirements: what aspects of federated identity are going to be affected by phasing out third party cookies?

  • demand: who is going to be affected? and how important is it for them?

  • deployment viability: is it a practical solution?

  • user acceptance: does our implementation perform well with users?

Ongoing technical constraints

The following are current technical constraints that we expect to resolve as we go along (i.e. we are actively working on these known constraints):

  • Android only implementation (here is the desktop implementation tracking bug)

  • Only ID tokens provided, no access or refresh tokens (access tokens PR in progress)

  • Front-channel logout designed and implemented, but disabled for origin trials (HOWTO try it)

  • Only available in top level frames 


Basic devtools integration supported. More to come as we learn.

Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, Chrome OS, Android, and Android WebView)?


We expect the feature to be available on all platforms (Windows, Mac, Linux, ChromeOS and Android) except WebView. The current implementation is currently only supported on Android, with Desktop (Windows/Mac/Linux/ChromeOS) coming before our I2S.

Is this feature fully tested by web-platform-tests?


DevTrial instructions

Flag name


Requires code in //chrome?


Tracking bug

You can track our progress here:

Launch bug



Estimated milestones

OriginTrial - Android


Origin Trial - Desktop 


DevTrial on android


Link to entry on the Chrome Platform Status

Links to previous Intent discussions

This intent message was generated by Chrome Platform Status.

Yoav Weiss

Mar 23, 2022, 1:20:38 AMMar 23
to blink-dev, Sam Goto, Sam Goto
LGTM to experiment till M105 (inclusive)

Kaan Icer

May 31, 2022, 12:40:50 PMMay 31
to blink-dev,, Sam Goto, Sam Goto, Yi Gu
FedCM has been in the origin trial since M101 only on the Android platform. As part of the ongoing origin trial, we expand FedCM to desktop as well with M103.
Could you please help us understand if we need a new I2E for desktop support?
Thank you,

Mike Taylor

May 31, 2022, 12:47:41 PMMay 31
to Kaan Icer, blink-dev,, Sam Goto, Sam Goto, Yi Gu
Hi Kaan,

No need for another I2E - you have the LGTM to experiment without any conditions on platforms (and I see you had Desktop listed as 102 to 105. The fact that it slipped a milestone is fine).
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
To view this discussion on the web visit

Kaan Icer

May 31, 2022, 1:48:09 PMMay 31
to Mike Taylor, blink-dev,, Sam Goto, Sam Goto, Yi Gu
Thank you, Mike!

We have already updated Chromestatus to reflect desktop milestone change from M102 to M103.

Screen Shot 2022-05-31 at 1.46.31 PM.png

Reply all
Reply to author
0 new messages