Should CSAM/itsme remain available?
Recommendation
Yes. Keep them as strong identity and fallback mechanisms.
Context
With passkeys being introduced progressively, it's worth asking whether CSAM and itsme should eventually be deprecated in favor of a single passkey-based flow.
Options considered
- Deprecate CSAM/itsme over time
  Migrate all members toward passkeys exclusively, phasing out federal identity integrations.
- Keep CSAM/itsme as permanent parallel paths
  Maintain CSAM and itsme as first-class, equally supported login and identity-proofing methods alongside passkeys.
- Keep but hide by default
  Retain the integrations technically but surface them only on request, defaulting every member to passkeys.
Rationale
CSAM and itsme already provide verified, government-backed identity that passkeys don't replace — they solve identity proofing, not just repeat authentication. They also serve members without compatible devices for passkeys. Removing them would create the exact fallback gap this playbook warns against in [Safe fallback design](/patterns/safe-fallback-design).
Risks
- Maintaining three parallel identity integrations (password, itsme, CSAM) plus passkeys adds ongoing engineering and support surface area.
- Without a centralized methods screen, members may still default to whichever method they used last rather than the most appropriate one.