Secure context: This feature is available only in secure contexts (HTTPS), in some or all supporting browsers.
The Credential Management API enables a website to create, store, and retrieve credentials. A credential is an item which enables a system to make an authentication decision: for example, to decide whether to sign a user into an account. We can think of it as a piece of evidence that a user presents to a website to demonstrate that they really are the person they are claiming to be.
The central interface is the CredentialsContainer, which is accessed through the navigator.credentials property and provides three main functions:
create(): create a new credential.store(): store a new credential locally.get(): retrieve a credential, which can then be used to log a user in.The API supports four different types of credential, which are all represented as subclasses of Credential:
| Type | Interface |
|---|---|
| Password | PasswordCredential |
| Federated identity |
IdentityCredential, FederatedCredential (deprecated) |
| One-time password (OTP) | OTPCredential |
| Web Authentication | PublicKeyCredential |
The guide page Credential types gives an overview of the different credential types and how they are used.
CredentialProvides information about an entity as a prerequisite to a trust decision.
CredentialsContainerExposes methods to request credentials and notify the user agent when interesting events occur such as successful sign in or sign out. This interface is accessible from navigator.credentials.
FederatedCredentialProvides information about credentials from a federated identity provider, which is an entity that a website trusts to correctly authenticate a user, and which provides an API for that purpose. OpenID Connect is an example of such a framework.
PasswordCredentialProvides information about a username/password pair.
Returns the CredentialsContainer interface which exposes methods to request credentials and notify the user agent when interesting events occur such as successful sign in or sign out.
| Specification |
|---|
| Credential Management Level 1> |
| Desktop | Mobile | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Chrome | Edge | Firefox | Opera | Safari | Chrome Android | Firefox for Android | Opera Android | Safari on IOS | Samsung Internet | WebView Android | WebView on iOS | |
Credential_Management_API |
51 | 18 | 60 | 38 | 13 | 51 | 60 | 41 | 13 | 5.0 | 51 | 13 |
id |
51 | 18 | 60 | 38 | 13 | 51 | 60 | 41 | 13 | 5.0 | 51 | 13 |
isConditionalMediationAvailable_static |
No | No | No | No | 16 | No | No | No | 16 | No | No | 16 |
type |
51 | 18 | 60 | 38 | 13 | 51 | 60 | 41 | 13 | 5.0 | 51 | 13 |
| Desktop | Mobile | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Chrome | Edge | Firefox | Opera | Safari | Chrome Android | Firefox for Android | Opera Android | Safari on IOS | Samsung Internet | WebView Android | WebView on iOS | |
Credential_Management_API |
51 | 18 | 60 | 38 | 13 | 51 | 60 | 41 | 13 | 5.0 | 51 | 13 |
create |
60 | 18 | 60 | 47 | 13 | 60 | 60 | 44 | 13 | 8.0 | 60 | 13 |
get |
51 | 18 | 60 | 38 | 13 | 51 | 60 | 41 | 13 | 5.0 | 51 | 13 |
preventSilentAccess |
6051–60 | 18 | 60 | 4738–47 | 1713–17This method exists, but always rejected with aNotSupportedError exception. |
6051–60 | 60 | 4441–44 | 1713–17This method exists, but always rejected with aNotSupportedError exception. |
8.05.0–8.0 | 6051–60 | 1713–17This method exists, but always rejected with aNotSupportedError exception. |
store |
51 | 79 | 60 | 38 | 13 | 51 | 60 | 41 | 13 | 5.0 | 51 | 13 |
| Desktop | Mobile | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Chrome | Edge | Firefox | Opera | Safari | Chrome Android | Firefox for Android | Opera Android | Safari on IOS | Samsung Internet | WebView Android | WebView on iOS | |
FederatedCredential |
51 | 79 | No | 38 | No | 51 | No | 41 | No | 5.0 | 51 | No |
Credential_Management_API |
51 | 79 | No | 38 | No | 51 | No | 41 | No | 5.0 | 51 | No |
protocol |
51 | 79 | No | 38 | No | 51 | No | 41 | No | 5.0 | 51 | No |
provider |
51 | 79 | No | 38 | No | 51 | No | 41 | No | 5.0 | 51 | No |
| Desktop | Mobile | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Chrome | Edge | Firefox | Opera | Safari | Chrome Android | Firefox for Android | Opera Android | Safari on IOS | Samsung Internet | WebView Android | WebView on iOS | |
PasswordCredential |
51 | 79 | No | 38 | No | 51 | No | 41 | No | 5.0 | 51 | No |
Credential_Management_API |
51 | 79 | No | 38 | No | 51 | No | 41 | No | 5.0 | 51 | No |
iconURL |
51 | 79 | No | 38 | No | 51 | No | 41 | No | 5.0 | 51 | No |
name |
51 | 79 | No | 38 | No | 51 | No | 41 | No | 5.0 | 51 | No |
password |
60 | 79 | No | 47 | No | 60 | No | 44 | No | 8.0 | 60 | No |
© 2005–2025 MDN contributors.
Licensed under the Creative Commons Attribution-ShareAlike License v2.5 or later.
https://developer.mozilla.org/en-US/docs/Web/API/Credential_Management_API