fusionauth-issues
fusionauth-issues copied to clipboard
FusionAuth
Support FedCM
Support FedCM
Description
FedCM (Federated Credential Management) is a privacy-preserving approach to federated identity services (such as "Sign in with...") where users can log into sites without sharing their personal information with the identity service or the site.
This is currently supported by Chrome as of 108 and is experimental in Firefox. Safari support is unknown.
Supporting this would let FedCM compliant RPs integrate with FusionAuth. At some point Chrome will enforce this, probably when third party cookie support is removed.
Relevant links
- https://developers.google.com/privacy-sandbox/3pcd/fedcm-developer-guide
- https://developers.google.com/privacy-sandbox/3pcd/fedcm
- https://github.com/fedidcg/FedCM
The login API, referenced previously in this issue, is part of FedCM, but doesn't make sense to implement standalone.
Community guidelines
All issues filed in this repository must abide by the FusionAuth community guidelines.
Feedback
Please upvote this if you'd like to see FusionAuth support FedCM.
Can you please add some additional detail to this issue? For example, what is the purpose of this API, and how does it benefit FusionAuth, if we implement this, what use case does it solve? Thanks.
@robotdan added more info to the issue. As I dig in, this feels like a project as big as WebAuthn, so it'd be great to get community feedback via upvotes or comments, to determine if this is something we should support.
Here's an OSS working demo: https://gis-example.glitch.me/fedcm-onetap.html
It'll allow someone to play with browser rendered sign-in prompts.
Could also move over to this for the google identity provider: https://developers.google.com/identity/gsi/web/guides/fedcm-migration
(Everyone using google has to do this in next 2 quarters, per Googler on a FedCM call I just listented to.) Should probably create a separate issue.