Sign up to save your podcasts
Or
Share Browser Native Auth and FedCM is finally here!
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Browser Native Auth and FedCM is finally here!
Share Episode ⸺ Episode Sponsor: Incident.io - https://dev0ps.fyi/incidentio
"My biggest legacy at Google is the amount of systems I broke." — Sam Goto joins the show with a name that strikes fear into engineering systems everywhere. As a Senior Staff Engineer on the Chrome team, Sam shares the hilarious reality of having the last name "Goto," which once took down Google's internal URL shortener for four hours simply because he plugged in a new computer.
Sam gets us up to speed with Federated Credentials Management (FedCM), as we dive deep into why authentication has been built despite the browser rather than with it, and why it’s time to move identity from "user-land" to "kernel-land". This shift allows for critical UX improvements for logging in all users irrespective of what login providers you use, finally addressing the "NASCAR flag" problem of infinite login lists.
>Most importantly, he shares why you don't need to change your technology stack to get all the benefits of FedCM. Finally, Sam details the "self-sustaining flame" strategy (as opposed to an ecosystem "flamethrower"), revealing how they utilized JavaScript SDKs to migrate massive platforms like Shopify and 50% of the web's login traffic without requiring application developers to rewrite their code.
>💡 Notable Links:- HSMs + TPM in production environments
- Get involved: FedCM W3C WG
- The FedCM spec GitHub repo
- TPAC Browser Conference
- Warren - Book: The Platform Revolution
- Sam - The 7 Laws of Identity and Short Story: The Egg By Andy Weir
View all episodes
By Will Button, Warren Parad
4.4
1818 ratings
Share Episode ⸺ Episode Sponsor: Incident.io - https://dev0ps.fyi/incidentio
"My biggest legacy at Google is the amount of systems I broke." — Sam Goto joins the show with a name that strikes fear into engineering systems everywhere. As a Senior Staff Engineer on the Chrome team, Sam shares the hilarious reality of having the last name "Goto," which once took down Google's internal URL shortener for four hours simply because he plugged in a new computer.
Sam gets us up to speed with Federated Credentials Management (FedCM), as we dive deep into why authentication has been built despite the browser rather than with it, and why it’s time to move identity from "user-land" to "kernel-land". This shift allows for critical UX improvements for logging in all users irrespective of what login providers you use, finally addressing the "NASCAR flag" problem of infinite login lists.
>Most importantly, he shares why you don't need to change your technology stack to get all the benefits of FedCM. Finally, Sam details the "self-sustaining flame" strategy (as opposed to an ecosystem "flamethrower"), revealing how they utilized JavaScript SDKs to migrate massive platforms like Shopify and 50% of the web's login traffic without requiring application developers to rewrite their code.
>💡 Notable Links:- HSMs + TPM in production environments
- Get involved: FedCM W3C WG
- The FedCM spec GitHub repo
- TPAC Browser Conference
- Warren - Book: The Platform Revolution
- Sam - The 7 Laws of Identity and Short Story: The Egg By Andy Weir
More shows like Adventures in DevOps
View all
The New Stack Podcast
32 Listeners
Software Engineering Radio - the podcast for professional software developers
274 Listeners
The Cloudcast
151 Listeners
Syntax - Tasty Web Development Treats
989 Listeners
DevOps Paradox
25 Listeners
DevOps Sauna from Eficode
2 Listeners
Hard Fork
5,527 Listeners
Beyond Coding
0 Listeners
Network Automation Nerds
4 Listeners