This issue aims to describe scenarios for enterprise IDPs where admins may consent on the end users' behalf. In these scenarios, FedCM would need some sort of signal to remove or minimize the prompts shown to users and grant access for that IdP-user-RP relationship. This is related to issue #20 on IDP registration but expands to more than just IDP registration.
There are varying levels of management from enterprise IdPs:
- Managed Device: the IDP manages the whole hardware device
- Managed Browser: the IDP manages the browser
- No "Pushed" Management: where the IDP manages the relationships between user-RP-IDP on the server side, but does not push management policies onto the client device or browser
An assumption is that as the level of management increases, the number of prompts to the end user would decrease. What types of signals could FedCM consume from enterprise IdPs to reduce prompts?
Enterprise policies for managed devices could remove all (?) end user prompts, e.g. IDP registration, consent to share RP & IdP relationship.
For managed browsers, is a user logging into a browser profile sufficient signal for FedCM grants to remove end user prompts?
For when there is no pushed management, what signal methods could exist?