Users should be able to fine-tune the FedCM API to adapt it to their needs. This page is a guide on how to manage and customize the FedCM API.
User controls
Users can enable or disable FedCM in passive mode. This doesn't affect the active mode because the login request is initiated by a user gesture, and the browser should assist users to complete the login flow. Users can configure FedCM settings individually for each platform.
Chrome on desktop
Users can enable or disable FedCM for Chrome on desktop at chrome://settings/content/federatedIdentityApi.
Chrome on Android
To enable or disable FedCM on Chrome on Android, users can go to Chrome's Settings > Site settings > Third-party sign-in, then change the toggle.
Manual closure and prompt cooldown period
If the user closes the UI manually, an entry would be temporarily added to the settings UI and the UI won't be displayed in the same website for a period of time. The UI will be reenabled after the period, but the duration will be exponentially expanded on consecutive closes. For example, in Chrome:
| Consecutive times closed | Time period that FedCM prompt is suppressed |
|---|---|
| 1 | Two hours |
| 2 | One day |
| 3 | One week |
| 4+ | Four weeks |
Other browsers may define their own, different, cooldown time periods.
Users can re-enable FedCM on the RP manually. There are two ways to do so:
The user can navigate to
chrome://settings/content/federatedIdentityApiand remove the RP from the "Not allowed to show third-party sign-in prompts" list.
The user can click the PageInfo UI (a setting icon beside the URL bar) and reset the permission under "Third-party sign-in".
