design-reviews#1184: Incubation: IdP-Initiated FedCM

#1184: Incubation: IdP-Initiated FedCM

Visit on Github

Opened

Jan 13, 2026

Explainer

https://github.com/w3c-fedid/FedCM/blob/main/explorations/drafts/interception.md

The explainer

Includes the information requested by the Explainer Explainer.
Follows the Web Platform Design Principles.
Includes or links to answers to the Security/Privacy Questionnaire.
Describes user research you did to validate the problem and/or design.

Where and by whom is the work is being done?

GitHub repo: https://github.com/w3c-fedid/FedCM/blob/main/explorations/drafts/interception.md
Primary contacts:
- Sam Goto (@samuelgoto), Google, Author
Organization/project driving the design: Google Chrome
This work is being funded by: Google
Incubation and standards groups that have discussed the design:
- FedID CG
Standards group(s) that you expect to discuss and/or adopt this work when it's ready: FedID WG

Feedback so far

Multi-stakeholder feedback:
- Chromium comments: https://groups.google.com/a/chromium.org/g/blink-dev/c/_5P00uaafKM
- Mozilla comments: not yet
- WebKit comments: not yet
Major unresolved issues with or opposition to this design:
- We ran a session at TPAC in Kobe (notes)

You should also know that...

This proposal intends to help enable IdPs to deploy FedCM on all of its RPs without requiring the RPs to redeploy.

There are a few reasons why we think deploying FedCM at scale might be important:

First, we think this can remove one of the main blockers to combat bounce tracking, which relies on top-level link-decorated navigations in conjunction with first party cookies. With this proposal deployed at scale, browsers get closer to be able to remove one of those two components, at least for a meaningful part of the traffic that is required to preserve federation.
Second, we are finding that the built-in native FedCM UX often outperforms top-level navigations (specially on mobile), so we'd expect that this will be useful present a better user experience to IdPs/RPs and users, in and of itself.
Third, in agentic browsers, whenever FedCM is being used, we think we can turn federation into a structured/programmable tool (like an MCP), rather than unstructured computer-use actuation (like computer vision), fundamentally providing a better foundation to agentic browsers when it comes assisting users logging in to websites.

Track conversations at https://tag-github-bot.w3.org/gh/w3ctag/design-reviews/1184

Discussions

Discussed Jan 12, 2026 (See Github)

Ehsan: Let me have a read, and then decide.

Discussed Jan 26, 2026 (See Github)

Ehsan: Still reading.

Hadley: How are we on deadlines? Looks like no obvious deadline. We are missing multi stakeholder support.

Discussed Feb 2, 2026 (See Github)

Ehsan: My review is almost done, think can post it by next week. Suggestion is to put it for discussion on next Thursday meeting so I can get Matthew’s opinion.

Lola: Please ping Hadley, as she’s in charge for the agenda for next week.

Discussed Feb 2, 2026 (See Github)

bump

Discussed Feb 9, 2026 (See Github)

Ehsan: Finished my review, will post it very soon. My main concern is that I see this as a stepping stone for more Agentic-related specs coming. I don't see any position from other stakeholders on this one. Because it seems like a stepping stone, I think we need to push for a clear position from other stakeholders first (Mozilla and WebKit).

Lola: We look forward to your draft comment.