Coder Social home page Coder Social logo

dj2 / fedcm Goto Github PK

View Code? Open in Web Editor NEW

This project forked from fedidcg/fedcm

0.0 0.0 0.0 33.76 MB

A privacy preserving federated identity Web API

Home Page: https://fedidcg.github.io/FedCM/

License: Other

HTML 5.36% CSS 89.98% Shell 0.09% Makefile 0.81% Ruby 3.76%

fedcm's Introduction

FedID CG Federated Credentials Management

This is the repository for the W3C's FedID CG Federated Credentials Management API.

Explainer: explainer.md

Work-in-progress specification: https://fedidcg.github.io/FedCM/

Introduction

As the web has evolved there have been ongoing privacy-oriented changes (example) and underlying privacy principles. With those changes some underlying assumptions of the web are changing. One of those changes is the deprecation of third-party cookies. While overall good for the web, third-party cookie deprecation leaves holes in how some existing systems on the web were designed and deployed.

Federated Credentials Management API aims to fill the specific hole left by the removal of third-party cookies on federated login. Historically this has relied on third-party cookies or navigational redirects in order to function as they were the primitives provided by the web.

The explainer and spec provide a potential API and the rational behind how that API was designed.

Contributing

Much of the FedCM specification has evolved due to the experimentation detailed in the explorations. The explorations documents give a good overview of the why of the FedCM API. Please read over the documents to understand how the current API has evolved.

There are several ways to contribute to the Federated Credential Management API.

  • If you're an interested party and have potential requirements, they can be submitted to the IDBrowserUseCases repository. There are also discussions ongoing in the Fed-ID CG about the various use cases.

  • If you'd like to try out the current demo of the FedCM API you can follow the HOWTO document.

  • If you're an Identity Provider, there are two sides of the implementation that will be needed and any feedback on either side is appreciated.

    1. The Identity Provider API describes the manifest and API needed server side.
    2. The Browser API describes the JavaScript interface to FedCM which will need to be utilized.

  • If you're a Relying Party (i.e. website) and would like to test the changes out we'd appreciate feedback, you'll need to do something similar to the HOWTO.md to setup a fake IDP which can serve the needed JavaScript. (Until an IDP provides first party JavaScript to work with FedCM this integration will be tricker). You can also review the demo provided by the HOWTO and take a look at the Relying Party API to see what is needed on the RP side.

Code of Conduct

This group operates under W3C's Code of Conduct Policy.

fedcm's People

Contributors

achimschloss avatar agektmr avatar bvandersloot-mozilla avatar caraitto avatar cbiesinger avatar cwilso avatar dj2 avatar ericlaw1979 avatar hlflanagan avatar jyasskin avatar kenrb avatar konojunya avatar majido avatar npm1 avatar okicer avatar pkotwicz avatar ritou avatar samdutton avatar samuelgoto avatar yi-gu avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.