IdentityCredential: token property
Limited availability
This feature is not Baseline because it does not work in some of the most widely-used browsers.
Experimental: This is an experimental technology
Check the Browser compatibility table carefully before using this in production.
Secure context: This feature is available only in secure contexts (HTTPS), in some or all supporting browsers.
The token read-only property of the IdentityCredential interface returns the token used to validate the associated sign-in.
The FedCM API does not define the structure of the token object or what the RP should do with it: this depends entirely on the federated identity protocol that the IdP implements.
When an RP chooses to work with a particular IdP, they will provide instructions for how to interpret and use the returned token value.
Value
Any type.
Examples
Basic federated sign-in and token access
Relying parties (RPs) can call navigator.credentials.get() with the identity option to make a request for users to sign in to the RP via an identity provider (IdP), using identity federation. A typical request would look like this:
async function signIn() {
const identityCredential = await navigator.credentials.get({
identity: {
providers: [
{
configURL: "https://accounts.idp.example/config.json",
clientId: "********",
params: {
/* IdP-specific parameters */
},
},
],
},
});
console.log(identityCredential.token);
}
A successful navigator.credentials.get() call that includes an identity option fulfills with an IdentityCredential instance, which can be used to access the token used to validate the sign-in.
Check out Federated Credential Management API (FedCM) for more details on how this works. This call will start off the sign-in flow described in FedCM sign-in flow.
Specifications
| Specification |
|---|
| Federated Credential Management API # dom-identitycredential-token |