FedCM updates: Mode, Use Other Account, and Continuation features in Chrome 132

Natalia Markoborodova
Natalia Markoborodova

After successful origin trials, we're shipping several new FedCM updates in Chrome 132: the Mode API, Use Other Account API, and the Continuation API bundle.

Mode API

The Mode API allows for different UX mode configurations, and introduces a new UX mode: active mode. Active mode is an alternative to the existing passive mode (formerly known as widget mode), which FedCM uses by default.

With active mode (formerly known as Button Mode), identity providers (IdP) can use the FedCM API even if their users are logged out of the IdP when navigator.credentials.get() is called. The sign-in flow is initiated by a user gesture such as clicking on a Sign in with IdP button, which better reflects the user's intention.

A user signs into an RP using FedCM in active mode.

The active mode sign-in dialog UI is different from the one in passive mode UI: it is bigger, centered, and has larger branding icons.

A FedCM sign-in active mode dialog on desktop requesting a user to sign in with their account. The dialog contains a branding icon and options to log in to the RP with the current account provided by the IdP, choose a different account, or cancel. The dialog is centered, and it's bigger than the passive mode dialog.
FedCM sign-in dialog UI in active mode on desktop.
A FedCM sign-in passive mode dialog on desktop requesting a user to sign in with their account. The dialog contains a branding icon and options to log in to the RP with the current account provided by the IdP, or cancel. The dialog appears on the top left side of the browser tab.
FedCM sign-in dialog UI in passive mode on desktop (default).

Learn how to use FedCM in active mode in the developer documentation.

Use other account

With the Use Other Account API, users can choose to switch to an account that's different from the one they're currently logged in with, if the IdP supports multiple accounts or replacing the existing account:

FedCM active mode dialog displaying a button 'Use a different account'.
The Use Other Account feature in active mode: A "Use a different account" button is added to the UI.

Continuation API bundle

The Continuation API bundle is available from Chrome 132. The bundle consists of multiple FedCM features:

These features are bundled together because IdPs can use them to implement authorization flows, such as letting a user grant an RP access to their calendar.

Continuation API bundle: When the sign-in flow is initiated, the Continuation API opens the continue_on URL in a popup window. The user can review and grant additional permissions before they are signed in to the RP. The Fields API modifies the disclosure UI message.

Continuation API

With the Continuation API, the IdP can provide a redirect URL in the ID assertion endpoint response to enable a multi-step sign-in flow. This is useful when the IdP needs to request additional information or permissions, for example:

  • Permission to access the user's server-side resources.
  • Verification that contact information is up-to-date.
  • Parental controls.

Learn how to use the Continuation API in the FedCM developer documentation.

Parameters API

The Parameters API allows the RP to provide additional key-value parameters to the ID assertion endpoint. With the Parameters API, RPs can pass additional parameters to the IdP to request permissions for resources beyond basic sign-in.
Passing additional parameters can be useful when an RP needs to request additional permissions, such as billing address or calendar access. The user can authorize these permissions through an IdP-controlled UX flow that is launched using the Continuation API, and the IdP would then share this information.

Learn how to use the Parameters API in the developer documentation.

Fields API

With the Fields API, the RP can specify the user information (any combination of name, email address, and profile picture) they need the IdP to share with them. The requested information will be included in the disclosure UI of the FedCM dialog. The user will see a message notifying them that idp.example will share the requested information with the rp.example if the user chooses to sign in.

A FedCM active mode dialog displaying a disclosure message. To continue, the identity provider will share the user's email address and profile picture with the website.
Disclosure message in active mode: the RP requests the IdP to share only the user email and profile picture.

See the developer documentation to learn how to use the Fields API.

Multiple configURLs

Multiple configURLs allow IdPs to accommodate multiple config files for an IdP, by specifying accounts_endpoint and login_url in the well-known file the same as the config files. This feature can be useful in these cases:

  • An IdP needs to support multiple different test and production configurations.
  • An IdP needs to support different configurations per region (for example, eu-idp.example and us-idp.example).

See the developer documentation for implementation details.

Custom Account Labels

With Custom Account Labels, the IdP can annotate user accounts with labels, and the RP can choose to only fetch accounts with specific labels by specifying the configURL for that specific label. This can be useful when an RP needs to filter out accounts by specific criteria, for example, to only display role-specific accounts such as developer or hr.

Engage and share feedback

If you have feedback or encounter any problems, you can file an issue. We will keep the FedCM developer documentation up to date, along with the accumulated update logs page.