Experimental: This is an experimental technology
Check the Browser compatibility table carefully before using this in production.

The PasswordCredential() constructor creates a new PasswordCredential object. In supporting browsers, an instance of this class may be passed the credential from the init object for global fetch().


new PasswordCredential(passwordCredentialData)
new PasswordCredential(htmlFormElement)


Either of the following:


An object with the following properties:

iconURL Optional

The URL of a user's avatar image.


The ID of the user signing in.

name Optional

The name of the user signing in.


The password of the user signing in.


A reference to an HTMLFormElement with appropriate input fields. The form should, at the very least, contain an id and password. It could also require a CSRF token.


This example shows how to set up an HTMLFormElement to capture data which we'll use to create a PasswordCredential object.

Starting with the form element.

<form id="form" method="post">
  <label for="id">Username:</label>
  <input type="text" name="id" autocomplete="username" />
  <label for="password">Password:</label>
  <input type="password" name="password" autocomplete="current-password" />
  <input type="hidden" name="csrf_token" value="*****" />

Then, a reference to this form element, using it to create a PasswordCredential object, and storing it in the browser's password system.

const form = document.querySelector("#form");
const creds = new PasswordCredential(form);
// Store the credentials. => {
  // Do something with the credentials if you need to.


Credential Management Level 1
# dom-passwordcredential-passwordcredential

Browser compatibility

BCD tables only load in the browser