This is an experimental technology
Check the Browser compatibility table carefully before using this in production.

This feature has been removed from the Web standards. Though some browsers may still support it, it is in the process of being dropped. Avoid using it and update existing code if possible; see the compatibility table at the bottom of this page to guide your decision. Be aware that this feature may cease to work at any time.

The additionalData property of the PasswordCredential interface takes one of a FormData instance, a URLSearchParams instance, or null. The data in the objects will be added to the request body and sent to the remote endpoint with the credentials.


passwordCredential.additionalData = formData
formData = passwordCredential.additionalData
passwordCredential.additionalData = urlSearchParams
ulrSearchParams = passwordCredential.additionalData


One of a FormData instance, a URLSearchParams instance, or null.


The following example creates a FormData object with an appended CSRF token. It then stores the form object in the additionalData parameter, before sending it to server in a call to fetch.

//The options object was previously created. 
navigator.credentials.get(options).then(function(creds) {
  if (creds.type == 'password') {
    var form = new FormData();
    var csrf_token = document.querySelector('csrf_token').value;
    form.append('csrf_token', csrf_token);

    creds.additionalData = form;

    fetch('https://www.example.com', {
      method: 'POST',
      credentials: creds


Specification Status Comment
Credential Management Level 1 Working Draft Initial definition.

Browser compatibilityUpdate compatibility data on GitHub

Chrome Edge Firefox Internet Explorer Opera Safari
Basic support 51 ? ? ? ? ?
Android webview Chrome for Android Edge Mobile Firefox for Android Opera for Android iOS Safari Samsung Internet
Basic support 51 51 ? ? ? ? ?

© 2005–2018 Mozilla Developer Network and individual contributors.
Licensed under the Creative Commons Attribution-ShareAlike License v2.5 or later.