[w3ctag/design-reviews] FedCM's IdP Registration API (Issue #974) from Sam Goto on 2024-07-09 (public-webapps-github@w3.org from July 2024)

From: Sam Goto <notifications@github.com>
Date: Tue, 09 Jul 2024 08:46:52 -0700
To: w3ctag/design-reviews <design-reviews@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3ctag/design-reviews/issues/974@github.com>

> This came up recently in a discussion with the TAG, of an extension to FedCM that is both (a) early and (b) could use early directional guidance from the TAG.

こんにちは TAG-さん!

I'm requesting a TAG review of FedCM's [IdP Registration API](https://github.com/fedidcg/FedCM/issues/240#issuecomment-2218044167).

One of the problems on the web is that users are currently constrained by a small set of social login providers to login to Websites. Websites, in turn, are constrained by finite space in login flows, so they typically have to pick 2-5 large social login providers (e.g. facebook, google, twitter, linkedin, github, etc) that can represent a large fraction of their users, but, by construction, not all of them.

This is a proposal to increase user choice by allowing RPs to request any IdPs that the user has chosen to register.

  - Explainer¹ (minimally containing user needs and example code): [url](https://github.com/fedidcg/FedCM/issues/240#issuecomment-2218044167)
  - User research: not yet available
  - Security and Privacy self-review²: not yet available
  - GitHub repo: same as explainer
  - Primary contacts (and their relationship to the specification):
      - Sam Goto, @samuelgoto, Google Chrome
  - Organization/project driving the design: FedID CG, Indie Web community, Solid community
  - External status/issue trackers for this feature (publicly visible, e.g. Chrome Status):

Further details:

  - [ x ] I have reviewed the TAG's [Web Platform Design Principles](https://www.w3.org/TR/design-principles/)
  - The group where the incubation/design work on this is being done (or is intended to be done in the future): FedID CG/WG
  - The group where standardization of this work is intended to be done ("unknown" if not known): FedID WG
  - Existing major pieces of multi-implementer review or discussion of this design: [url](https://github.com/fedidcg/FedCM/issues/240#issuecomment-2218044167)
  - Major unresolved issues with or opposition to this design: See open questions [here](https://github.com/fedidcg/FedCM/issues/240#issuecomment-2218044167).
  - This work is being funded by:

You should also know that...

[please tell us anything you think is relevant to this review]

------------------------------------------------------------------------------------
CAREFULLY READ AND DELETE CONTENT BELOW THIS LINE BEFORE SUBMITTING

Please preview the issue and check that the links work before submitting.

In particular:
* if anything links to a URL which requires authentication (e.g. Google document), please make sure anyone with the link can access the document. We would prefer public documents though, since we work in the open.

¹ For background, see our [explanation of how to write a good explainer](https://tag.w3.org/explainers/). We recommend the explainer to be in [Markdown](https://github.github.com/gfm/).

² Even for early-stage ideas, a Security and Privacy questionnaire helps us understand potential security and privacy issues and mitigations for your design, and can save us asking redundant questions. See https://www.w3.org/TR/security-privacy-questionnaire/.


-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/design-reviews/issues/974
You are receiving this because you are subscribed to this thread.

Message ID: <w3ctag/design-reviews/issues/974@github.com>

Received on Tuesday, 9 July 2024 15:46:56 UTC