Google Identity Services is moving to FedCM. FedCM is a new authentication standard.
Google Identity Services is migrating to FedCM APIs. Follow the migration guide to review potential changes and avoid negative impacts for user sign-in to your website.
And the OIDC [Google Sign-In Library is officially deprecated] (link removed discourse)
Warning: The Google Sign-In library optionally uses FedCM APIs, and their use will become a requirement. Conduct an impact assessment to confirm that user sign-in continues to function as expected.
It seems the reason for doing this is because Google can’t rely on all their services being on the same domain as their Identity Services, and they want to force-disable 3rd party cookies for everyone including themselves.
I have two questions then,
- What will people do that are using Keycloak for similar purposes? Will there be an FedCM interface?
- I don’t understand FedCM well, will users be able to log into keycloak with FedCM?
MozDev is tracking FedCM and has a page for it (I can’t link to it because of stupid discourse restrictions). But it shows Firefox doesn’t yet support FedCM.