Contact emails [email protected]
Explainer https://github.com/w3c-fedid/FedCM/pull/815 Specification No information provided Summary Implement the FedCM Identity Handler, which allows Identity Providers (IDPs) to declare a Service Worker in their config.json that intercepts credentialed FedCM requests (accounts, id_assertion, disconnect). Currently, FedCM fetches to IDP endpoints (accounts, token, disconnect) are made directly by the browser with no opportunity for the IDP to augment the request. This prevents IDPs from: - Adding DPoP (Demonstration of Proof-of-Possession) proof headers - Performing client-side token enrichment or transformation - Implementing custom caching strategies for account responses - Adding attestation or other security headers to credentialed requests The Identity Handler allows IDPs to register a Service Worker that receives an `identityrequest` event for each FedCM endpoint call, enabling request augmentation before it reaches the IDP server. On failure, the browser transparently falls back to normal network fetch. Issue : https://github.com/w3c-fedid/FedCM/issues/80 Blink component Blink>Identity>FedCM Web Feature ID fedcm Motivation https://github.com/w3c-fedid/FedCM/issues/80 Initial public proposal No information provided Goals for experimentation None Requires code in //chrome? False Estimated milestones No milestones specified Link to entry on the Chrome Platform Status https://chromestatus.com/feature/5096917819326464?gate=6247307227037696 Links to previous Intent discussions Intent to Prototype: https://groups.google.com/a/chromium.org/d/msgid/blink-dev/69ceae01.050a0220.1c79a0.01ae.GAE%40google.com This intent message was generated by Chrome Platform Status. -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/69ceae88.050a0220.1c79a0.01b5.GAE%40google.com.
