Skip to content

Commit

Permalink
Apply suggestions from code review from johann
Browse files Browse the repository at this point in the history
Co-authored-by: Johann Hofmann <[email protected]>
  • Loading branch information
bvandersloot-mozilla and johannhof authored Jun 4, 2024
1 parent a9bbe1e commit 7923a67
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -177,8 +177,8 @@ let credential = await navigator.credentials.get({
```

The browser sees there is no credential in the credential store that would work for `example.com`.
So it falls back and opens the `loginURL` in a tab of the RP's choosing.
Since it is not specified, we assume the current tab.
So it falls back and opens the `loginURL`. The RP can choose whether to open this URL in a pop-up or via a redirect.
The API defaults to redirecting the user to the `loginURL`.
There, the user goes through some authentication and/or authorization flow entirely of the identity provider's choosing, after which the identity provider stores a credential with some code like this:

```js
Expand Down Expand Up @@ -210,7 +210,7 @@ We need to bypass the requirement for user interaction here if we had user inter

Note that in the case of a popup, the credential chooser should show once the identity provider stores a credential that is effective for the pending credential request on the relying party, removing the need for the relying party to call `navigator.credentials.get` a second time.

### Scenario 2: User logs in with one of many identity providers, or other types of credential
### Scenario 2: User logs in with one of many identity providers, or other types of credentials

In this scenario the user has made some indication to the site that they want to log in.
The specifics of that interaction dictate what Credential types are appropriate.
Expand Down

0 comments on commit 7923a67

Please sign in to comment.