New level of the development for browsers
To begin with
All of us always want to make our life as easier as we can. Everybody use
lot of web-sites with necessity to authorise, but it’s too hard to keep all the passwords and logins in mind.
Nevertheless, the Google Chrome browser (beginning from the 51st version) is ready to help the users and developers to save their data and fill the forms easily and automatically in the future with a special API technology. This technology is used when we add a name, password or other personal data. It’s undeniable, that such system significantly simplifies our life.
Perhaps, you haven’t heard about the “Credential Management API”. In erspective, it may set a completely new level in web development for browsers.
CM API is a standard browser-based API that provides a programme interface to interact with the site and the browser for seamless sign-in across devices. The importance of this is in the fact that mobile users create, remember and type passwords again and again on different sites to be authenticated and have more opportunities to interact with each other and with your website.
Interaction becomes as simple as never!
Features and Functionality
Google Chrome users will be able to do powerful things like:
- Sign in in a blink of an eye with just one tap
- Even if the user-session has stopped unfortunately, there is an opportunity to sign back automatically
- You can see the account-chooser menu, when signing in
- You can store login and password in the same time
The Google’s engineers sight into the situation is following
We store credentials in our password manager. If they have signed in Chrome once, next they are able to synchronise the passwords with a PC, smartphone or a laptop. This data could also be integrated with android apps which support the Smart Lock technology.
This API allows users to interact with the website and store different types of credentials. This attitude creates lots of opportunities…
Moreover, this API have only three simple functions for different tasks:
- – navigator.credentials.get() — Singing-in
- navigator.credentials.store() — Storing credentials
- navigator.credentials.requireUserMediation() — Mediation auto sign-in
The question, which all of us are concerned about — safety.
It is absolutely safe technology! The main condition of this api is protected connection — it will not work without secure origins such as HTTPS domains or localhost. Credential Management API works with one domain, credentials are encrypted. It means that even if attacker got data, he wouldn’t be able to use it (sounds convincing).
Sounds interesting, but how to use it in my web projects?
… It really depends on many factors:
- Which architecture has your site got?
- Is it a landing page, or a complicated site?
- Where are the sign-in forms and buttons located?
- Can people browse your site without an authorisation?
Hardly anyone will cover all of these cases. That’s why we will take a simplified web page:
- The top page is a registration form.
- By tapping on “Sign In” button, users will navigate to a sign-in form.
- Both the registration and sign-in forms have the typical options of id/password credentials e.g. with Google Sign-In and Facebook Sign-In.
So, adding this functionality you will be able to use all of the Chrome potential!
To sum up:
Nevertheless, you should remember that it’s just an experimental API. It means that there is a risk that things may change. And now only Google Chrome users can try to use such function, noone else. We can just wait for the next steps of developers.