#FedCM is a proposed standard API for frictionless, privacy-preserving 𝐟𝐞𝐝𝐞𝐫𝐚𝐭𝐞𝐝 𝐥𝐨𝐠𝐢𝐧 on the web.
👉 Simplifies login for both 𝐮𝐬𝐞𝐫𝐬 & 𝐝𝐞𝐯𝐞𝐥𝐨𝐩𝐞𝐫𝐬.
✅ Already supported in 𝐂𝐡𝐫𝐨𝐦𝐢𝐮𝐦 𝐛𝐫𝐨𝐰𝐬𝐞𝐫𝐬.
📰 Dive deeper in this #InfoQ article by Dan Moore: https://bit.ly/4n9BKcY
“#ChromeでGoogleでサインインはクソ:ウェブIDの未来とプライバシーの行方 #ウェブプライバシー #デジタルID #FedCM #Chrome #七29” (1 user) https://htn.to/DmyP1RJkkS #Google #プライバシー #ブラウザ #独占 #戦略 #ビジネス #セキュリティ #IT
·
“#MaruOSとは何か?スマホがPCになる夢:コンバージェンスの光と影──Maru OSの遺産から未来を問う #モバイルテック #次世代デバイス” (1 user) https://htn.to/wch8sAKioW #技術史 #Android #Linux #IT
What's a good example for #FedCM in the wild? Are there any yet?
FedCM=Federated Credential Management https://developer.mozilla.org/en-US/docs/Web/API/FedCM_API
Indie social sign-in could go mainstream
https://blog.erlend.sh/indie-social-sign-in-could-go-mainstream
submitted by erlend_sh to fediverse3 points | 0 commentshttps://blog.erlend.sh/indie-social-sign-in-could-go-mainstreamBack in June I wrote about an exciting confluence of digital auth tech:
(1) The commodification of #OIDC infrastructure, (2) the emergence of #FedCM, (3) and the compatibility of both with #indieauth .
In short, it is now easier than ever to log into web applications using
Back in June I wrote about an exciting confluence of digital auth tech:
(1) The commodification of #OIDC infrastructure, (2) the emergence of #FedCM, (3) and the compatibility of both with #indieauth .
In short, it is now easier than ever to log into web applications using your own website as an identity provider. Or at least, it would be, if your favorite web apps supported these agency-enhancing technologies.
https://blog.erlend.sh/indie-social-sign-in-could-go-mainstream
Just learned about the "Federated Credential Management API" #FedCM - a new proposal that adds browser support for managing delegated authentication workflows #OAuth #OIDC. It already looks great, but could be expanded with user-centric identity provider registration for more decentralization, as explained here: https://www.liquid.surf/2024/2/7/Can-FedCM-improve-Solid-login-flow
Ever wondered if #FedCM supports #authorization ? It's coming!
Starting in Chrome 126, you can sign up for an origin trial and try it on your domain with the Continuation API. Along with the button flow we've introduced in the previous announcement, FedCM based sign-in flow will become even more streamlined. There are a few more exciting updates as well.
Checkout the details in this blog post, try it yourself and let us know what you think:
https://developers.google.com/privacy-sandbox/blog/fedcm-chrome-126-updates
Just did a test, and I think we may be able to implement FedCM in Mastodon. It seems that you can actually create Doorkeeper Applications with a client_id that's a URL, rather than having it generate a unique client_id for you.
However, where it fails is that you don't get a unique client_id, so registering the same client again fails with a duplicate record error (maybe this is intentional?)
I guess FedCM client_id's don't have a client_secret at all to use…
FedCM for IndieAuth
#FedCM is a new #browser API that enables #identity #federation without relying on third-party #cookies. With an upcoming new feature called Button Mode API, FedCM will be able to display a modal dialog and let the user sign in to the identity provider before signing into the relying party.
You can start experimenting with this new API from #Chrome 125 which is currently in beta and see how effectively it works. Learn more about this new API at https://developers.google.com/privacy-sandbox/blog/fedcm-chrome-125-updates
Just finished a #FedCM 101 session at the OAuth Security Workshop with Sam Goto. So many great discussions and questions!
Slides available at https://tcslides.link/OSW24-FedCM101
From Chrome 123, you can use the Domain Hints alongside the Federated Credential Management API (FedCM). With the Domain Hint API, developers can provide a better user experience by only showing the federated login accounts from the domain that they accept.
https://buff.ly/3wFmzTD
#FedCM is an emerging browser API that allows identity federation without relying on third-party cookies. Learn more about FedCM from here: https://buff.ly/3wEkHe2
This week our own David Hübner travelled to the US as an advocate for the German research community to join a #REFEDS hackathon, and discuss the future of #3rdPartyCookies and their meaning for #SAML, #OIDC and #FedCM with browser vendors like @chrome
For more info on #FedCM check out https://fedidcg.github.io/FedCM/
Alright, time for a #introductionpost.
My name is Patrick. I work in #product at #google - more specifically on #privacy #security #trust #safety - you may have seen some of the products I get to work on with our globally distributed teams: #passwordmanager #autofill #payments #passkeys #fedcm .
I moved over to #Mastodon as many of you frustrated by its new, toxic leadership.
Outside of work, I'm a #dad of three, #climatewrangler as a local politician and councilman, #runner and #coffeeaddict
It would be really nice if opening a mastodon.wrongserver.social link would automatically open the toot in the Mastodon PWA I've installed. I think you'd need a central coordination domain to do it with 3p cookies, and those are going away anyway. @sgoto, can #FedCm do it? Could protocol handlers, maybe, if we expect the installed server to register mastodon: or activitypub: or something?
どうせブラウザだけで扱ってRPには渡されることのない情報なら、アカウントリストエンドポイントにはUID返して、トークンエンドポイントはPPID返せばいいのでは。
#openid #technight #fedcm
