Credential Management API

Secure context: This feature is available only in secure contexts (HTTPS), in some or all supporting browsers.

The Credential Management API enables a website to create, store, and retrieve credentials. A credential is an item which enables a system to make an authentication decision: for example, to decide whether to sign a user into an account. We can think of it as a piece of evidence that a user presents to a website to demonstrate that they really are the person they are claiming to be.

Concepts and usage

The central interface is the CredentialsContainer, which is accessed through the navigator.credentials property and provides three main functions:

  • create(): create a new credential.
  • store(): store a new credential locally.
  • get(): retrieve a credential, which can then be used to log a user in.

The API supports four different types of credential, which are all represented as subclasses of Credential:

Type Interface
Password PasswordCredential
Federated identity IdentityCredential, FederatedCredential (deprecated)
One-time password (OTP) OTPCredential
Web Authentication PublicKeyCredential

The guide page Credential types gives an overview of the different credential types and how they are used.

Interfaces

Credential

Provides information about an entity as a prerequisite to a trust decision.

CredentialsContainer

Exposes methods to request credentials and notify the user agent when interesting events occur such as successful sign in or sign out. This interface is accessible from navigator.credentials.

FederatedCredential

Provides information about credentials from a federated identity provider, which is an entity that a website trusts to correctly authenticate a user, and which provides an API for that purpose. OpenID Connect is an example of such a framework.

PasswordCredential

Provides information about a username/password pair.

Extensions to other interfaces

Returns the CredentialsContainer interface which exposes methods to request credentials and notify the user agent when interesting events occur such as successful sign in or sign out.

Specifications

Specification
Credential Management Level 1

Browser compatibility

api.Credential

Report problems with this compatibility data on GitHub
desktopmobile
Chrome
Edge
Firefox
Opera
Safari
Chrome Android
Firefox for Android
Opera Android
Safari on iOS
Samsung Internet
WebView Android
WebView on iOS
Credential
id
isConditionalMediationAvailable() static method
Experimental
type

Legend

Tip: you can click/tap on a cell for more information.

Full support
Full support
No support
No support
Experimental. Expect behavior to change in the future.

api.CredentialsContainer

Report problems with this compatibility data on GitHub
desktopmobile
Chrome
Edge
Firefox
Opera
Safari
Chrome Android
Firefox for Android
Opera Android
Safari on iOS
Samsung Internet
WebView Android
WebView on iOS
CredentialsContainer
create
publicKey option
attestation option
attestation.direct
attestation.enterprise
attestation.indirect
attestation.none
create() extensions
appidExclude extension
credProps extension
credProtect extension
Experimental
largeBlob extension
minPinLength extension
payment extension
publicKey_option.requireResidentKey
Experimental
publicKey_option.residentKey
get
identity option
Experimental
identity.context
Experimental
Error API
ExperimentalNon-standard
identity.providers.loginHint
Experimental
otp option
Experimental
publicKey option
get() extensions
appid extension
largeBlob extension
Experimental
preventSilentAccess
store

Legend

Tip: you can click/tap on a cell for more information.

Full support
Full support
Partial support
Partial support
No support
No support
Experimental. Expect behavior to change in the future.
Non-standard. Check cross-browser support before using.
See implementation notes.
Uses a non-standard name.
Has more compatibility info.

api.FederatedCredential

Report problems with this compatibility data on GitHub
desktopmobile
Chrome
Edge
Firefox
Opera
Safari
Chrome Android
Firefox for Android
Opera Android
Safari on iOS
Samsung Internet
WebView Android
WebView on iOS
FederatedCredential
Experimental
FederatedCredential() constructor
Experimental
iconURL
Experimental
name
Experimental
protocol
Experimental
provider
Experimental

Legend

Tip: you can click/tap on a cell for more information.

Full support
Full support
No support
No support
Experimental. Expect behavior to change in the future.
See implementation notes.

api.PasswordCredential

Report problems with this compatibility data on GitHub
desktopmobile
Chrome
Edge
Firefox
Opera
Safari
Chrome Android
Firefox for Android
Opera Android
Safari on iOS
Samsung Internet
WebView Android
WebView on iOS
PasswordCredential
Experimental
PasswordCredential() constructor
Experimental
iconURL
Experimental
name
Experimental
password
Experimental

Legend

Tip: you can click/tap on a cell for more information.

Full support
Full support
No support
No support
Experimental. Expect behavior to change in the future.
See implementation notes.

See also