FedID CG Federated Credentials Management
This is the repository for the W3C's FedID CG Federated Credentials Management API.
Work-in-progress specification: https://fedidcg.github.io/FedCM/
As the web has evolved there have been ongoing privacy-oriented changes (example) and underlying privacy principles. With those changes some underlying assumptions of the web are changing. One of those changes is the deprecation of third-party cookies. While overall good for the web, third-party cookie deprecation leaves holes in how some existing systems on the web were designed and deployed.
Federated Credentials Management API aims to fill the specific hole left by the removal of third-party cookies on federated login. Historically this has relied on third-party cookies or navigational redirects in order to function as they were the primitives provided by the web.
Much of the FedCM specification has evolved due to the experimentation detailed in the explorations. The explorations documents give a good overview of the why of the FedCM API. Please read over the documents to understand how the current API has evolved.
There are several ways to contribute to the Federated Credential Management API.
If you're an interested party and have potential requirements, they can be submitted to the IDBrowserUseCases repository. There are also discussions ongoing in the Fed-ID CG about the various use cases.
If you'd like to try out the current demo of the FedCM API you can follow the HOWTO document.
If you're an Identity Provider, there are two sides of the implementation that will be needed and any feedback on either side is appreciated.
Code of Conduct
This group operates under W3C's Code of Conduct Policy.