Contact emails
[email protected]

Explainer
https://github.com/fedidcg/FedCM/issues/477

Specification
TBD

Summary
An extension to the FedCM API that allows relying parties to request broader OAuth scopes.

Blink component
Blink>Identity>FedCM <https://bugs.chromium.org/p/chromium/issues/list?q=component:Blink%3EIdentity%3EFedCM>

Motivation
~20% of federated identity consumer flows on the web involve requesting more than the user's basic profile. While FedCM so far has managed to mediate the exchange of enumerable attributes of the user's identity (e.g. name, email and profile picture), there is a non-enumerable number of OAuth scopes (e.g. access to the user's social graph, calendar, etc.), which requires a very different attitude towards delegating authorization flows while maintaining the privacy properties.

Initial public proposal
https://github.com/fedidcg/FedCM/issues/477

TAG review
None

TAG review status
Not started

Risks

Interoperability and Compatibility
The problem this proposal sets out to address is a problem that we think is shared across browser vendors and identity providers. For example, related discussions appear here <https://github.com/fedidcg/FedCM/issues/242#issuecomment-1223350669>, here <https://github.com/fedidcg/FedCM/issues/407> and here <https://github.com/fedidcg/FedCM/issues/442>. It is too soon to know if this specific proposal is going to address all of these issues, but this is the closest so far and agreeing on the (existence and definition of the) problem is a good step towards finding a solution together.

Gecko: No signal

WebKit: No signal

Web developers: We are working with identity providers to gather requirements, understand trade-offs and abuse vectors.

Other signals:

WebView application risks
Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications?
API is not available in WebView

Debuggability
Same as FedCM in general – console messages in devtools and general JS debugging

Is this feature fully tested by web-platform-tests <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md>?
No

Flag name
FedCmAuthz

Requires code in //chrome?
True

Estimated milestones
No milestones specified

Link to entry on the Chrome Platform Status
https://chromestatus.com/feature/5080914991775744

Links to previous Intent discussions
