The race to modern authentication: Why early FedCM adoption matters

Learn more about Federated Credential Management (FedCM), including how FedCM differs from third-party cookies and why it is worth pursuing.

The Ory Team

Authentication has always been a delicate balance, especially for Customer Identity and Access Management (CIAM) at internet scale. Too much security can frustrate users, leading to workarounds, while overly simple authentication compromises security.

This challenge intensifies as organizations manage authentication for millions of users. Federated Credential Management (FedCM) emerges as a solution to these competing demands, with Ory offering a ready-to-deploy implementation.

Why Now: Learning from History

The trajectory of third-party cookies offers a critical lesson in technology adoption. For over two decades, organizations anchored their authentication and tracking systems on these cookies, perceiving them as a permanent web fixture. Then, the privacy revolution arrived: Safari blocked third-party cookies in 2017, Firefox followed suit in 2019, and Chrome's announced phase-out sent ripples across the industry. Organizations that hadn't prepared found themselves scrambling to adapt.

Today, we stand at a similar pivotal moment with authentication standards. FedCM represents the future of federated identity, presenting organizations with a choice: lead the transition or lag behind. Early adopters will be strategically positioned as browser support expands and user expectations evolve.

The Hidden Cost of Social Login

Organizations utilizing social login are familiar with the inherent trade-off: ease of implementation versus the loss of direct user relationships. Each instance of a customer authenticating through a third-party provider inserts an intermediary between the business and its user base. For businesses heavily invested in user experience and customer relationships, this creates a significant blind spot in understanding and effectively serving their community.

FedCM alters this dynamic. By operating at the browser level, it preserves the convenience of federated authentication while safeguarding direct user relationships. For enterprise architects and IAM leaders, this means finally delivering the seamless authentication experience their organization requires without sacrificing user insights or security.

Technical Considerations

For development teams already navigating intricate authentication systems, FedCM might seem like another standard to implement. However, its browser-native approach actually simplifies your authentication architecture.

FedCM integration with Ory offers several key advantages:

  • Seamless OAuth2 and OpenID Connect Integration: Your existing implementations remain functional, with FedCM working in concert with current standards, enhancing rather than replacing your authentication flows.
  • Enhanced Security Controls: Browser-level implementation provides an additional layer of defense against common attack vectors.
  • Scalable Architecture: Designed to handle massive concurrent authentications without compromising performance.
  • Optimized for CIAM: Purpose-built to address the unique challenges of customer identity management at scale, including high concurrency and cross-domain authentication.

A New Authentication Approach

Ory is at the forefront of FedCM implementation, providing a ready-to-deploy solution that functions immediately. No customization or complex configurations are necessary. We've handled the complexities, allowing you to concentrate on your core business objectives.

For Developers:

  • Immediate Integration: Deploy FedCM-ready components with minimal setup.
  • Future-Proof Implementation: Build on standards that anticipate upcoming browser changes.
  • Native Browser Flows: Leverage consistent, browser-level authentication across platforms.
  • Zero Custom UI Required: Utilize standardized browser interfaces instead of maintaining custom components.

For Organizations:

  • Reclaim User Relationships: Maintain direct connections with your user base.
  • Enhanced Security by Default: Provide stronger authentication without added user friction.
  • Seamless Content Access: Enable zero-interaction authentication for subscribed users.
  • Compliance Ready: Meet evolving privacy regulations with modern standards.

Current Browser Support

Browser support for FedCM is still evolving. Chromium-based browsers (Chrome, Edge, Brave, etc.) offer full FedCM support. Firefox has the feature in its beta phase, while Safari support is currently pending, although Apple has indicated future plans for implementation. On mobile platforms, Android provides some support behind a feature flag, while iOS support is yet to come.

Building Your Business Case

The key metrics for organizations evaluating FedCM implementation extend beyond mere technical specifications. Consider these impact areas:

  • Customer Support: Reduced volume of authentication-related support tickets.
  • User Engagement: Improved content access and higher conversion rates.
  • Development Efficiency: Eliminated the need for ongoing maintenance of custom UI components.
  • Security Posture: Enhanced authentication security without adding friction for users.
  • Technical Debt: Reduced complexity within authentication systems.

Taking the Next Step

The transition to FedCM signifies more than just a technical upgrade; it's a strategic move toward more secure and privacy-respecting CIAM. The question is not whether to modernize your identity management approach, but when.

Organizations that embrace this change early will cultivate stronger user relationships and gain a competitive edge. With Ory's FedCM implementation, you're not just keeping pace with the future of authentication; you're leading the way.

For additional details on implementing FedCM with Ory, see our documentation: https://www.ory.sh/docs/kratos/social-signin/fedcm

Learn more about FedCM, including a video and a mock FedCM utility you can use to test out the standard: https://www.ory.sh/fedcm