Permissions-Policy: identity-credentials-get

Experimental: This is an experimental technology
Check the Browser compatibility table carefully before using this in production.

The HTTP Permissions-Policy header identity-credentials-get directive controls whether the current document is allowed to use the Federated Credential Management API (FedCM), and more specifically the navigator.credentials.get() method with an identity option.

Where this policy forbids use of the API, the Promise returned by the get() call will reject with a NotAllowedError DOMException.


Permissions-Policy: identity-credentials-get=<allowlist>;

A list of origins for which permission is granted to use the feature. See Permissions-Policy > Syntax for more details.

Default policy

The default allowlist for identity-credentials-get is self.


Federated Credential Management API
# permissions-policy-integration

Browser compatibility

BCD tables only load in the browser

See also