Adds support for WebOTP API calls from cross-origin iframes if enabled by a permission policy.
The WebOTP API gives developers the ability to programmatically read one time codes from specially-formatted SMSes addressed to their origin to reduce user friction. Many sites embed iframes that handle authentication for them. We propose to support the API in cross-origin iframes to address feature requests from the web developer community (e.g. Shopify, iCloud) and improve interoperability.
Status in Chromium
Enabled by default (tracking bug) in:
- Chrome for Android release 91
Consensus & Standardization
Search tagswebotp, web otp,
Last updated on 2021-04-14