Credential Management API
The Credential Management API is the browser sign-in surface behind navigator.credentials, connecting websites, user agents, credential managers, and user mediation.
Definition
The Credential Management API is a W3C Web Application Security Working Group draft that gives websites an imperative API for requesting credentials from a user agent and helping the user agent store credentials for future use. Its central browser entry point is navigator.credentials, a CredentialsContainer with methods such as create(), store(), get(), and preventSilentAccess().
The API is not one credential format. It is a browser mediation layer. The W3C Level 1 draft defines the base Credential interface and legacy password and federated credential interfaces. Other specifications extend the same surface: WebAuthn defines PublicKeyCredential, FedCM defines privacy-preserving federated sign-in, and the Digital Credentials API covers wallet-style credential requests.
How It Works
The basic pattern is simple. A site can ask the browser to create or store a credential after a successful sign-in, and can later ask the browser to retrieve a credential that may help sign the user back in. MDN describes this as a secure-context API and summarizes its common credential families as password credentials, federated identity credentials, one-time-password credentials, and WebAuthn public-key credentials.
The W3C draft frames the API as a way to reduce brittle sign-in heuristics. Browsers already save passwords and fill forms, but that behavior often depends on guessing which forms and redirects mean sign-in, sign-out, or password change. Credential Management lets a cooperating site tell the browser that a credential worked, should be stored, should be retrieved, or should stop being available silently.
User Mediation
User mediation is the core governance concept. The draft treats credential information as sensitive and says user agents must involve users in a number of cases so they understand what is happening and with whom credentials are being shared. It distinguishes mediated actions, where the user explicitly participates through a chooser or comparable browser UI, from unmediated actions that occur silently under a prior user-agent decision.
The preventSilentAccess() method matters because it lets a site tell the browser that automatic sign-in should stop for an origin, such as after sign-out. The draft warns that a careless or malicious site could neglect this call, so users still need browser controls to require mediation and remove stored credentials.
Agent Context
For browser agents, credential mediation is a boundary between authentication and delegation. A credential proves or helps establish who the user is to a site. It does not prove that an agent should be allowed to read every account page, submit every form, buy goods, change settings, or share identity attributes.
An agent should not scrape, store, replay, or infer credentials from page content. It should treat browser credential prompts as privileged ceremonies that require user intent. If an agent sees a sign-in surface, password manager prompt, passkey prompt, FedCM prompt, or digital-credential prompt, the governance record should distinguish the user's authentication act from any later agent action.
Governance Use
A useful implementation keeps credential mediation visible in audit trails without exposing secrets. It records when a credential request was initiated, which origin requested it, which credential type was involved, whether a user-facing chooser or prompt appeared, whether silent access was blocked or permitted, and what authority became available after sign-in.
This is especially important for AI browsers and computer use. Automated browsing can make login feel like an implementation detail, but login changes the legal, financial, and privacy context of every later action. Credential Management should be treated as a control surface, not a convenience hook.
Limits
The API does not replace strong authentication, authorization, fraud controls, session security, or step-up confirmation. A password credential remains a password credential. A public-key credential inherits WebAuthn's stronger phishing resistance, but the Credential Management surface itself does not decide what a post-login agent may do.
It is also browser-dependent. The W3C draft describes the intended model; MDN and browser documentation should be checked for current support and behavior. Operational claims should name the browser, credential type, mediation setting, origin, and date tested.
Minimum Evidence Record
For agent-mediated login, record the origin, relying party or provider where applicable, credential type, request method, mediation mode, prompt outcome, sign-in or sign-out event, preventSilentAccess() use, session created, agent task identifier, and later high-impact actions. Do not log passwords, OTP values, private keys, biometric data, raw credential assertions, or user identifiers beyond what the audit purpose requires.
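The site-side pattern from How It Works and User Mediation (get() on return visits, store() after a verified sign-in, preventSilentAccess() on sign-out) and the evidence record above, as one added example that is not code from the W3C draft, MDN, or any browser. FakeCredentialsContainer is a constructed stand-in for navigator.credentials so the file runs in Node; plain { type, id, password } objects stand in for PasswordCredential, the origin, task id, user and password are constructed, and the fake's rule that a successful store() re-enables silent access is an assumption about browser policy, not something the draft guarantees.

```javascript
// Added example, not code from the W3C draft, MDN or any browser. FakeCredentialsContainer
// is a constructed stand-in for navigator.credentials; { type, id, password } objects stand
// in for PasswordCredential. AuditLog keeps mediation facts and refuses to log secrets.

const SECRET_FIELDS = ['password', 'otp', 'privateKey', 'rawAssertion', 'biometric'];

class FakeCredentialsContainer {
  constructor() {
    this.stored = [];          // credentials the "browser" has saved for this origin
    this.silentAllowed = true; // inverse of the origin's prevent-silent-access flag
    this.promptsShown = 0;     // user-agent-side count of chooser displays (for inspection)
  }

  async store(cred) {
    // Assumed policy for the fake: an explicit, successful sign-in re-enables silent access.
    this.stored = this.stored.filter((c) => c.id !== cred.id).concat([cred]);
    this.silentAllowed = true;
    return cred;
  }

  async get({ password = false, mediation = 'optional' } = {}) {
    const candidates = password ? this.stored.filter((c) => c.type === 'password') : [];
    if (candidates.length === 0) return null;
    const canBeSilent = this.silentAllowed && candidates.length === 1;
    if (mediation === 'silent') return canBeSilent ? candidates[0] : null;
    if (mediation === 'optional' && canBeSilent) return candidates[0];
    // 'required', or an 'optional' request that cannot be silent: show the chooser.
    // The constructed user always picks the first entry.
    this.promptsShown += 1;
    return candidates[0];
  }

  async preventSilentAccess() {
    this.silentAllowed = false;
  }
}

// Audit sink: every record is screened so a secret field can never reach the trail.
class AuditLog {
  constructor() { this.records = []; }

  record(event) {
    for (const key of Object.keys(event)) {
      if (SECRET_FIELDS.includes(key)) throw new Error(`refusing to log secret field: ${key}`);
    }
    this.records.push({ seq: this.records.length, ...event });
    return event;
  }
}

// Server-side verification plus browser store(); `cred` is whichever source supplied the
// id/password pair (a browser credential or the site's own form). Only facts are logged.
async function completeSignIn(container, audit, ctx, cred, requestMethod, mediation) {
  const base = { origin: ctx.origin, taskId: ctx.taskId, credentialType: 'password', requestMethod, mediation };
  const ok = await ctx.verify(cred.id, cred.password);
  if (!ok) {
    audit.record({ ...base, outcome: 'rejected', sessionCreated: false });
    return null;
  }
  // Tell the browser the credential worked so it can offer it on the next visit.
  await container.store({ type: 'password', id: cred.id, password: cred.password });
  audit.record({ ...base, outcome: 'signed-in', sessionCreated: true });
  return `session-${ctx.origin}-${ctx.taskId}`;
}

// Ask the browser first; fall back to the site's own form only when it has nothing.
async function signIn(container, audit, ctx, { mediation = 'optional', formInput = null } = {}) {
  const cred = await container.get({ password: true, mediation });
  if (cred) return completeSignIn(container, audit, ctx, cred, 'get', mediation);
  audit.record({ origin: ctx.origin, taskId: ctx.taskId, credentialType: 'password',
                 requestMethod: 'get', mediation, outcome: 'no-credential', sessionCreated: false });
  if (!formInput) return null;
  return completeSignIn(container, audit, ctx, formInput, 'form', 'none');
}

async function signOut(container, audit, ctx) {
  await container.preventSilentAccess();
  audit.record({ origin: ctx.origin, taskId: ctx.taskId, requestMethod: 'preventSilentAccess',
                 outcome: 'signed-out', sessionCreated: false });
}

// Full lifecycle on the fake: form sign-in, silent return, sign-out, mediated return.
async function demo() {
  const container = new FakeCredentialsContainer();
  const audit = new AuditLog();
  // Constructed verifier and context; a real site checks a hashed password server-side.
  const verify = async (id, pw) => id === 'alice' && pw === 'correct horse';
  const ctx = { origin: 'https://example.test', taskId: 'task-1', verify };

  const first = await signIn(container, audit, ctx, { formInput: { id: 'alice', password: 'correct horse' } });
  const second = await signIn(container, audit, ctx);            // silent: one stored credential
  const promptsBeforeSignOut = container.promptsShown;           // 0 so far
  await signOut(container, audit, ctx);
  const silentAfterSignOut = await container.get({ password: true, mediation: 'silent' }); // null
  const third = await signIn(container, audit, ctx);             // chooser shown this time
  return {
    sessions: [first, second, third],
    promptsBeforeSignOut,
    promptsAfterSignOut: container.promptsShown,
    silentAfterSignOut,
    records: audit.records,
  };
}
```

The site can only record the mediation mode it requested and the outcome it saw; whether a chooser actually appeared is known to the user agent, which is why promptsShown lives on the fake container and not in the site's audit record. The records the trail ends up with carry origin, task id, credential type, request method, mediation mode, outcome and whether a session was created, and nothing from the id/password pair itself.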
Source Discipline
Use the W3C Credential Management draft for the core API and mediation model, WebAuthn for public-key credential claims, FedCM for federated sign-in claims, Digital Credentials for wallet-style presentation claims, and MDN for browser-facing interface summaries. Do not collapse those layers into one identity system.
Spiralist Reading
Spiralism reads Credential Management as a struggle over who stages identity. A website wants seamless return. A browser wants a trustworthy ceremony. A user wants convenience without surrendering all future context. An agent wants the task to continue.
The humane design is not silent magic. It is legible mediation: this origin is asking, this credential type is involved, this user chose, and this later action is separate from the act of signing in.
Related Pages
- Digital Identity
- Federated Credential Management
- WebAuthn
- Digital Credentials API
- Device Bound Session Credentials
- OpenID Connect
- OAuth Step-Up Authentication
- AI Agent Identity
- AI Browsers and Computer Use
- AI Audit Trails
Sources
- W3C Web Application Security Working Group, Credential Management Level 1, Working Draft.
- MDN Web Docs, Credential Management API.
- W3C Web Authentication Working Group, Web Authentication: An API for accessing Public Key Credentials Level 3.
- W3C Federated Identity Working Group, Federated Credential Management API.
- WICG, Digital Credentials API.