1 of 15

2022 FedCM CG + CHAPI

Credential Handler API

1

2 of 15

CHAPI in One Picture

2

Issuer

(Website)

Issues

Verifier

(Website)

Requests

Digital Wallet

(Website or App)

Stores, Presents

Issue Credentials

Present

Credentials

CHAPI is used to exchange verifiable credentials between Digital Wallets and websites

Analogue: FedCM APIs are used to exchange identity claims between IdPs and websites.

3 of 15

Digital Wallet Registration

3

4 of 15

Digital Wallet Selection

4

5 of 15

Degrades when 3rd-party cookies unavailable

5

6 of 15

Interoperability Overview

CHAPI and VC-API

17 different Issuers14 PlugFest participants�3 from the broader VC-API community

8 different wallets5 web wallets�3 native mobile apps

81

Combinations Demonstrated

© copyright 2022. All rights reserved

7 of 15

Goals and Non-Goals

7

  • Goals
    • Explore commonalities between FedCM and CHAPI UX
    • Explore benefits of FedCM APIs that replace 3rd party cookies
      • CHAPI uses 3rd party cookies, but downgrades to a 1st party window if needed
    • Replace parts of CHAPI polyfill with FedCM APIs (if it leads to a better UX)
  • Non-Goals
    • "Standardize" Verifiable Credentials and Decentralized Identifiers APIs
    • Solve generalized sharing of data between Websites/Apps (e.g., Web Share)

8 of 15

Discussion

8

FedCM Issue #374

TL;DR; Wallet selection in CHAPI is built with iframes and third party cookies. This is an exploration if FedCM can help preserve it.

https://github.com/fedidcg/FedCM/issues/374

9 of 15

Appendix

9

10 of 15

CHAPI Details

10

11 of 15

Credential Handler Registration

Step 1

Step 2

Step 3

Credential repository website requests install of Credential Handler

Individual allows credential handler install

Credential handler ready

11

12 of 15

Verifiable Credential Storage

Step 1

Step 2

Step 3

Individual logs into website

Website requests storage of Verifiable Credential

Individual approves storage of Verifiable Credential

12

13 of 15

Verifiable Presentation Request

Step 1

Step 2

Step 3

Website requests Verifiable Credentials

Individual selects Verifiable Credentials to transmit

Individual transmits Verifiable Credentials

13

14 of 15

CHAPI Timeline

14

  • 2014 - Identity Credentials protocol proposed
  • 2017 - Web Payments Handler written by Dave Longley
  • 2017 - CHAPI Specification created by Dave Longley
  • 2017 - CHAPI adopted as W3C CCG Work Item
  • 2020 - DHS SVIP Interop (6 companies interop)
  • 2022 - JFF Interop (17 companies interop)

15 of 15

Related Specifications and Code

15

Demo site: https://playground.chapi.io/issuer

Developer Documentation: https://chapi.io/

CHAPI Polyfill: https://github.com/credential-handler/credential-handler-polyfill

CHAPI Specification: https://w3c-ccg.github.io/credential-handler-api/