macOS: native AutoFill provider for passwords (not just passkeys) #21537
melihemreguler
started this conversation in
Password Manager
Replies: 1 comment
-
|
✨ Thank you for your code contribution proposal! While the Bitwarden team reviews your submission, we encourage you to check out our contribution guidelines. Please ensure that your code contribution includes a detailed description of what you would like to contribute, along with any relevant screenshots and links to existing feature requests. This information helps us gather feedback from the community and Bitwarden team members before you start writing code. To keep discussions focused, posts that do not include a proposal for a code contribution will be removed.
Thank you for contributing to Bitwarden! |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Summary
Bitwarden's macOS desktop app already ships a native AutoFill credential provider extension, but today it only provides passkeys to the system AutoFill — not passwords. This is a proposal (and an offer to help) to close that gap so users can select Bitwarden as their system password AutoFill provider on macOS.
Community demand for this is here: https://community.bitwarden.com/t/autofill-with-macos-26-tahoe/89661
Why this is not blocked by macOS
com.apple.developer.authentication-services.autofill-credential-providerentitlement, which covers passwords as well as passkeys.ASPasswordCredentialIdentityentries intoASCredentialIdentityStore, the renderer already syncs password credentials, and the status command reportspassword: YES.What's actually missing
The "provide a password on request" path. Concretely:
Info.plistonly declaresProvidesPasskeys(needsProvidesPasswords).CredentialProviderViewControlleronly handlesASPasskeyCredentialRequest;ASPasswordCredentialRequestisn't handled.prepare_password_assertionIPC flow analogous to the existing passkey assertion flow (Rustautofill_provider→ napi → Electron main → preload → renderer), so the extension has no way to ask the unlocked app for a password and complete withASPasswordCredential(user:password:).All of this would sit behind the existing
macos-native-credential-syncfeature flag, and would reuse the existing modal-mode user-confirmation UX used by passkeys (no new crypto — passwords are read from already-decryptedCipherViews).Questions for the team
Happy to put up a draft PR behind the feature flag once there's a green light. I've signed the CLA.
Beta Was this translation helpful? Give feedback.
All reactions