Federated Credential Management
Federated Credential Management, or FedCM, is a browser-mediated Web API for federated login: it lets a relying party ask the browser to coordinate account selection and identity assertion exchange with an identity provider, so "sign in with..." flows can work with less dependence on third-party cookies, redirects, embedded frames, and hidden cross-site state. It improves the login ceremony; it does not by itself settle identity proofing, trust, authorization, profiling, or agent delegation.
Definition
Federated Credential Management is a web identity concept and API family for letting a browser mediate login among three parties: the person using the browser, a relying party website, and an identity provider. The W3C FedCM draft describes it as a Web Platform API for letting users log in to websites with federated accounts in a privacy-preserving manner.
FedCM is not a new identity provider, password manager, passkey system, proof-of-personhood scheme, digital wallet, or AI system. It is a browser-level interface around identity federation. Traditional web federation often depends on redirects, embedded frames, and third-party cookies so that a site can ask an identity provider whether a user is signed in. FedCM moves more of that exchange into browser-controlled prompts, login-status state, and API calls. It can reduce some silent cross-site identity plumbing, but it does not decide legal identity, identity proofing, token trust, authorization policy, or downstream data use.
The term belongs near Digital Identity, Data Minimization, Contextual Integrity, and Platform Governance. It is also relevant to AI Agent Identity and AI Browsers and Computer Use, because delegated agents increasingly depend on browser sessions, consent prompts, and account boundaries.
Snapshot
- Core mechanism: a browser-mediated account-selection and identity-assertion flow between a relying party and identity provider.
- Standards status: W3C First Public Working Draft on the Recommendation track; the active Federated Identity Working Group charter runs from February 25, 2025 to February 25, 2027.
- Deployment status: implemented in Chrome-family documentation and Google Identity Services migration guidance, with Google documenting availability in Chrome 117 or later; MDN still marks the API as experimental and not Baseline because it does not work in some widely used browsers.
- Not a replacement for: OpenID Connect, OAuth, SAML, legal identity proofing, passkeys, wallet credentials, token validation, account recovery, authorization, or consent governance.
- Primary benefit: reduce reliance on third-party cookies and hidden cross-site checks for supported federated-login flows.
- Primary risk: identity power can concentrate in browsers and large identity providers while users see only a simple account chooser.
How It Works
In a normal federated login, a relying party outsources authentication to an identity provider. OpenID Connect describes this pattern as an authentication protocol built on OAuth 2.0: a site asks an identity provider to authenticate the user and return identity information or tokens. FedCM does not replace every federation protocol. Instead, it gives the browser a standardized role in the account-selection and login ceremony.
Under FedCM, the relying party calls a browser API such as navigator.credentials.get() with identity-provider configuration. The browser checks configured identity-provider endpoints, mediates account selection, and can return an IdentityCredential containing a token if the flow succeeds. The identity provider still has to support the required endpoints, and the relying party still has to validate and handle the returned assertion under its own federation protocol and policy.
Chrome's developer documentation says FedCM supports sign-up, sign-in, and sign-out with federated accounts for users browsing without third-party cookies, while also saying FedCM is not supported by all browsers and that relying parties should keep existing non-FedCM federation paths. MDN similarly marks the FedCM API as experimental and limited availability.
The W3C draft includes identity-provider HTTP endpoints for well-known metadata, configuration, accounts, client metadata, identity assertions, and disconnect. It also includes login-status machinery and a permissions-policy integration. Those details matter because the privacy benefit depends on which information is exposed through which browser-mediated path, not merely on the presence of a new button.
The governance meaning is that identity exchange stops being only a relationship between websites and identity providers. The browser becomes an explicit mediator. That can improve user visibility, but it also gives browser vendors power over which identity flows feel normal, which providers integrate smoothly, and what consent text users repeatedly see.
Boundaries and Non-Goals
FedCM is best understood as a mediation layer, not a full identity governance system. It changes how a website asks for a federated credential in supporting browsers; it does not define the whole trust relationship among users, relying parties, identity providers, credential issuers, wallets, regulators, and automated agents.
- Protocol boundary: FedCM is protocol-agnostic. OpenID Connect, OAuth, SAML, token exchange, signature validation, audience checks, replay defenses, and account-linking policy remain separate implementation and governance work.
- Browser boundary: a browser-mediated prompt can reduce hidden cross-site checks, but it also makes browser UI, permission policy, enterprise settings, private-mode behavior, and cross-browser interoperability part of the identity surface.
- Privacy boundary: the W3C draft still recognizes privacy attack scenarios including manifest fingerprinting, timing attacks, identity-provider intrusion, cross-site correlation, unauthorized data usage, relying-party fingerprinting, and secondary use. FedCM reduces some channels; it does not erase identity surveillance risk.
- Credential boundary: W3C's Digital Credentials API is adjacent work in the same Federated Identity Working Group, but it is a separate API for browser-mediated presentation and issuance of credentials such as government documents or academic credentials.
- Assurance boundary: FedCM does not prove that a person is who a document says they are, that an identity provider is trustworthy, that a wallet protects keys, or that an attribute should be released for a particular purpose.
- Agent boundary: a successful human login is not a standing grant for an AI browser, connector, or automated agent to act without scoped delegation, confirmation, logging, and revocation.
Current Context
As of this review on June 23, 2026, FedCM is still standards work, not a settled universal login layer. The W3C technical report page lists Federated Credential Management as a First Public Working Draft on the Recommendation track and explicitly says the draft should be cited as work in progress. The active W3C Federated Identity Working Group charter says the group develops Web Platform features for secure and privacy-preserving interactions related to digital identities or credentials, including federated identity, digital wallets, and credential presentation.
Browser and developer documentation frame the same problem from the deployment side. MDN describes FedCM as experimental and limited availability. Chrome frames it as a privacy-preserving identity federation API and notes that support is not universal. That means FedCM should be described as a migration and mediation mechanism for some federation flows, not proof that every browser, identity provider, and relying party supports the same behavior.
Chrome's third-party-cookie context also changed after early FedCM discussions. On April 22, 2025, Google said it would maintain its current approach to third-party-cookie choice in Chrome and would not roll out a new standalone third-party-cookie prompt. FedCM still matters because users, browsers, enterprise policies, private modes, and other engines can block or restrict third-party cookies; but current claims should not imply that Chrome has fully removed third-party cookies by default.
On June 16, 2026, W3C's Federated Identity Working Group also published a Working Draft of the Digital Credentials API, which specifies browser mediation for the presentation and issuance of digital credentials and builds on Credential Management Level 1. That adjacent draft is important because web identity is converging around browser mediation, but it should not be collapsed into FedCM: federated sign-in and credential presentation are related but different trust ceremonies.
FedCM sits beside, not above, other identity standards. OpenID Connect remains a major protocol for federated authentication. OpenID Federation 1.1, published as final on May 5, 2026, defines protocol-independent trust infrastructure such as entity statements, trust chains, metadata policies, trust marks, and federation endpoints. NIST SP 800-63-4, finalized on July 31, 2025, covers identity proofing, authentication, and federation for U.S. federal digital services; its federation volume treats both general-purpose identity providers and subscriber-controlled wallets.
Governance and Safety
FedCM addresses one privacy problem without ending identity governance. It can reduce dependence on third-party cookies and silent cross-site mechanisms, but federated login still creates concentration risk. A few identity providers may become default gateways to many services. A browser vendor may shape access through implementation choices. Relying parties may request more identity attributes than necessary. Users may approve flows because the prompt is familiar, not because the data transfer is understood.
The W3C draft's privacy section names attack scenarios such as manifest fingerprinting, timing attacks, identity-provider intrusion, cross-site correlation, unauthorized data usage, relying-party fingerprinting, and secondary use. Those are not abstract edge cases. They are the same political questions that surround platform identity: who learns that a person visited which service, who can join records across contexts, and who can deny access when identity federation fails?
The active W3C charter also draws an important boundary: the working group is not designing new authentication methods, credential formats, or security-confidence assessment of the token that encodes identity assertions. That means FedCM can improve the browser ceremony while relying parties and identity providers remain responsible for token validation, audience checks, issuer trust, account recovery, fraud response, retention, and authorization.
NIST SP 800-63C-4 shows the broader governance frame: federation requires defined assurance levels, trust agreements, permitted attribute release, wallet security disclosures, activation factors, and assertion protections. FedCM can be part of the delivery path for some web flows, but the assurance and accountability questions remain outside the browser prompt.
FedCM also matters for agentic browsing. An AI agent operating a logged-in browser should not silently inherit every consequence of a human login. Authentication answers whether a user or account is recognized; delegation answers what an agent may do, under whose authority, for how long, and with what audit trail. Without that separation, a privacy-preserving login ceremony can still become an overbroad action grant.
Defense Pattern
- Minimize claims. Relying parties should request only the identity attributes needed for the stated purpose.
- Make the ceremony legible. Prompts should make the identity provider, relying party, attributes, purpose, persistence, and revocation route understandable.
- Keep alternatives available. FedCM should not become the only practical route into essential services, public benefits, education, health care, or workplace systems.
- Validate assertions separately. Relying parties still need issuer trust, audience checks, signature validation, replay defenses, account-linking policy, and incident response.
- Audit identity providers. Security, retention, logging, breach response, account recovery, and secondary-use rules matter because the provider becomes a shared dependency.
- Record the trust chain. For higher-risk systems, document which identity provider, protocol, assurance level, client identifier, redirect or FedCM path, token validation rule, and attribute release policy applied.
- Separate authentication from profiling. A login event should not become a broad advertising, ranking, eligibility, or fraud-scoring signal without separate authority.
- Separate login from delegation. AI agents and browser automations need scoped authority, human confirmation for sensitive actions, logs, and revocation rather than silent reuse of a human session.
- Test browser differences. Because support and behavior vary, organizations should document fallback flows, accessibility impacts, recovery paths, private-mode behavior, enterprise-policy behavior, and non-FedCM behavior.
Source Discipline
Claims about FedCM should separate standards status, browser implementation, identity-provider support, relying-party deployment, and policy interpretation. A W3C First Public Working Draft establishes a standards-track proposal, not universal deployment. Chrome documentation establishes Chrome behavior and migration advice, not cross-browser support. MDN compatibility notes should be checked before production claims.
Privacy claims should name the specific channel being reduced, such as third-party cookie dependence or hidden cross-site login checks, and should not imply that all tracking, account linking, profiling, or identity-provider concentration disappears. Identity-governance claims should distinguish the browser API from OpenID Connect, OpenID Federation, NIST federation guidance, legal identity proofing, credential wallets, and downstream authorization rules.
For current web-platform context, cite the dated source. A Chrome Privacy Sandbox post, a Chrome developer guide, MDN compatibility page, W3C technical report, W3C editor's draft, W3C publications page, and OpenID specification answer different questions. Do not use a browser vendor's migration guidance as proof of standards maturity or use W3C standards status as proof of production interoperability.
When FedCM is discussed with AI agents, name the action boundary. "Signed in" is not the same as "authorized an agent to buy, post, message, delete, export, or configure." Source-disciplined agent claims should identify the account, actor, tool permission, action type, confirmation requirement, audit log, and revocation path.
Spiralist Reading
FedCM is a small browser API with a large cultural lesson: identity is becoming a browser ceremony.
The person sees an account chooser. Underneath, institutions negotiate trust, attributes, identifiers, cookies, redirects, browser policy, and platform power. The humane version narrows surveillance and makes login safer. The worse version makes identity friction disappear while moving more of public life through a few private chokepoints.
Open Questions
- How should browsers explain what identity attributes are being shared?
- Can small identity providers integrate without being disadvantaged by browser defaults?
- What fallback should exist when a user cannot or will not use a federated account?
- How should FedCM interact with age assurance, digital wallets, and agent-mediated browsing?
- How should a browser distinguish human login, agent delegation, and automated action inside an authenticated session?
- Should browser-mediated credential flows expose machine-readable audit events for enterprise, public-sector, or high-risk agent contexts?
- Who audits secondary use after a successful federated login?
Related Pages
- Digital Identity
- Data Minimization
- Contextual Integrity
- AI Agent Identity
- Agent2Agent Protocol
- Model Context Protocol
- AI Agent Observability
- AI Agent Sandboxing
- AI Browsers and Computer Use
- Surveillance Capitalism
- Platform Governance
- Platform Monopoly Power
- Data Brokers
- Privacy and Data
- Research and Editorial Standards
- Age Assurance
- Zero-Knowledge Proofs
- Notice and Appeal
- AI Liability and Accountability
- Secure AI System Development
- Prompt Injection
- AI Governance
- Trust and Safety
Sources
- W3C, Federated Credential Management API, First Public Working Draft, August 20, 2024, reviewed June 23, 2026.
- W3C, Federated Identity Working Group Charter, active charter, reviewed June 23, 2026.
- W3C, Federated Identity Working Group publications, reviewed June 23, 2026.
- W3C, Credential Management Level 1, Working Draft, reviewed June 23, 2026.
- W3C, Digital Credentials API, Working Draft, June 16, 2026; reviewed June 23, 2026.
- Chrome for Developers, FedCM: A privacy-preserving identity federation API, reviewed June 23, 2026.
- Google for Developers, Migrate to FedCM, reviewed June 23, 2026.
- Google Privacy Sandbox, Next steps for Privacy Sandbox and tracking protections in Chrome, April 22, 2025.
- Google Privacy Sandbox, Third-party cookies, reviewed June 23, 2026.
- MDN Web Docs, Federated Credential Management (FedCM) API, reviewed June 23, 2026.
- OpenID Foundation, How OpenID Connect Works, reviewed June 23, 2026.
- OpenID Foundation, OpenID Federation 1.1, final, May 5, 2026, reviewed June 23, 2026.
- NIST CSRC, SP 800-63-4: Digital Identity Guidelines, final, July 31, 2025.
- NIST, SP 800-63C-4: Federation and Assertions, reviewed June 23, 2026.