Federated Credential Management (FedCM)

FedCM is a browser API for privacy-preserving federated authentication without the need for third-party cookies and redirects. You can read more about FedCM on MDN​. FedCM is still an experimental technology only available in Chrome based browsers at the moment, though other browsers are working on implementing it already. The use of FedCM with gw2.me is optional.

It is recommended that you use the gw2.me JavaScript library to initialize FedCM Authentication on your website. The FedCM config for gw2.me is available https://gw2.me/fed-cm/config.json in case you manually want to request authorization.

Request FedCM

FedCM is an alternative to redirecting the user to the OAuth2 authorization page described in Getting OAuth Access Tokens. Instead the user will be shown a browser dialog where they can grant permission to sign in.

It is currently not yet possible to configure specific scopes when requesting authentication via FedCM. At the moment the requested scopes are always identify and email, but all previously granted scopes are included as well, as if include_granted_scopes is used with the normal OAuth2 flow. If other scopes or options are required, the normal OAuth2 flow has to be used.

It is only possible to initialize FedCM authentication from an origin which matches on of the registered OAuth2 redirect URLs.

To request authentication via FedCM with the gw2.me JavaScript library, call gw2me.fedCM.request(). This will return a Promise<Credential | null> that resolves to a Credential when the authentication is successful, or null in case the authorization fails. The Credential contains a string property token, which is an OAuth2 authorization code. This authorization code can be exchanged to an access token as described in Access Token.