Learn more about Federated Credential Management (FedCM), including how FedCM is different than third party cookies and worth pursuing.
How Apple broke "Sign in with Apple" with an unannounced and silent redirect
Authentication has always been a delicate balance, especially for Customer Identity and Access Management (CIAM) at internet scale. Too much security can frustrate users, leading to workarounds, while overly simple authentication compromises security.
This challenge intensifies as organizations manage authentication for millions of users. Federated Credential Management (FedCM) emerges as a solution to these competing demands, with Ory offering a ready-to-deploy implementation.
The trajectory of third-party cookies offers a critical lesson in technology adoption. For over two decades, organizations anchored their authentication and tracking systems on these cookies, perceiving them as a permanent web fixture. Then, the privacy revolution arrived: Safari blocked third-party cookies in 2017, Firefox followed suit in 2019, and Chrome's announced phase-out sent ripples across the industry. Organizations that hadn't prepared found themselves scrambling to adapt.
Today, we stand at a similar pivotal moment with authentication standards. FedCM represents the future of federated identity, presenting organizations with a choice: lead the transition or lag behind. Early adopters will be strategically positioned as browser support expands and user expectations evolve.
Organizations utilizing social login are familiar with the inherent trade-off: ease of implementation versus the loss of direct user relationships. Each instance of a customer authenticating through a third-party provider inserts an intermediary between the business and its user base. For businesses heavily invested in user experience and customer relationships, this creates a significant blind spot in understanding and effectively serving their community.
FedCM alters this dynamic. By operating at the browser level, it preserves the convenience of federated authentication while safeguarding direct user relationships. For enterprise architects and IAM leaders, this means finally delivering the seamless authentication experience their organization requires without sacrificing user insights or security.
For development teams already navigating intricate authentication systems, FedCM might seem like another standard to implement. However, its browser-native approach actually simplifies your authentication architecture.
FedCM integration with Ory offers several key advantages:
Ory is at the forefront of FedCM implementation, providing a ready-to-deploy solution that functions immediately. No customization or complex configurations are necessary. We've handled the complexities, allowing you to concentrate on your core business objectives.
For Developers:
For Organizations:
The current browser support landscape for FedCM is still evolving. Chromium-based browsers (Chrome, Edge, Brave, etc.) offer full FedCM support. Firefox has the feature in its beta phase, while Safari support is currently pending, although Apple has indicated future plans for implementation. Android provides some support behind a feature flag on mobile platforms, while iOS support is yet to come.
The key metrics for organizations evaluating FedCM implementation extend beyond mere technical specifications. Consider these impact areas:
The transition to FedCM signifies more than just a technical upgrade—it's a strategic imperative toward a more secure and privacy-respecting CIAM. The question is not whether to modernize your identity management approach, but when.
Organizations that embrace this change early will cultivate stronger user relationships and gain a competitive edge. With Ory's FedCM implementation, you're not just keeping pace with the future of authentication; you're leading the way.
For additional details on implementing FedCM with Ory, see our documentation: https://www.ory.sh/docs/kratos/social-signin/fedcm
Learn more about FedCM, including a video and a mock FedCM utility you can test out the standard: https://www.ory.sh/fedcm
