1. Web
  2. Web APIs
  3. IdentityCredential
  4. disconnect()

IdentityCredential: disconnect() static method

Experimental: This is an experimental technology
Check the Browser compatibility table carefully before using this in production.

Secure context: This feature is available only in secure contexts (HTTPS), in some or all supporting browsers.

The disconnect() static method of the IdentityCredential interface disconnects a specified federated sign-in account from the IdP used to obtain the credential.

Afterwards, using that account for federated login requires starting the federated sign-in process again.

Syntax

js
IdentityCredential.disconnect(options)

Parameters

options

An options object, which can contain the following properties:

accountHint

A string specifying an account hint that the IdP uses to identify the account to disconnect. The hint can be an arbitrary string as long as the disconnect endpoint can identify the account — for example an email address or user ID. This will not necessarily match the account ID provided by the accounts list endpoint.

clientId

A string specifying the RP's client identifier, as specified in the providers clientId property during sign-in.

configURL

A string specifying the config file URL of the IdP, as specified in the providers configURL property during sign-in.

Return value

A Promise that fulfills with undefined.

Exceptions

InvalidStateError DOMException

Thrown if:

  • The IdP's configURL is invalid or missing the disconnect_enpoint.
  • The document's origin does not match the configURL.
NetworkError DOMException

Thrown if:

  • The browser is unable to connect to the IdP.
  • The request is disallowed by a connect-src Content-Security-Policy.
  • Another disconnect() call was previously made that has not yet resolved.
  • The FedCM API has been disabled globally.
  • The IdP's configURL is neither secure nor potentially trustworthy.
NotAllowedError DOMException

Thrown if the embedding <iframe> does not have a identity-credentials-get Permissions-Policy set to allow the use of disconnect() or if the FedCM API is disabled globally by a policy set on the top-level document.

Examples

Basic disconnect() usage

The RP may disconnect a specified federated sign-in account from the associated IdP by invoking disconnect(). This function can be called from a top-level RP frame.

js
IdentityCredential.disconnect({
  configURL: "https://idp.example.com/config.json",
  clientId: "rp123",
  accountHint: "account456",
});

For a disconnect() call to work, the IdP must include a disconnect_endpoint in its config file. See The disconnect endpoint for more details of the underlying HTTP communication.

Specifications

Specification
Federated Credential Management API
# dom-identitycredential-disconnect

Browser compatibility

See also

Help improve MDN

Learn how to contribute

This page was last modified on by MDN contributors.

View this page on GitHubReport a problem with this content