I am currently trying to deal with being able to log in with Auth0 in a .NET Core App embedded in another .NET Core App via iFrame:
Using the regular flow, lead by parent app, the authentication works fine. The parent web application leads the login process, redirecting to Universal Login window when it is needed and completing the login process. The embedded app does some sort of silent authentication after, so both apps are successfully authenticated.
When a timeout occurs in the embedded app → the login process is triggered by it instead of the parent app, so the Universal Login window needs to be shown in the embedded application and the following error appears in Console tab:
I have checked other posts about this issue, but we are using New Universal Login instead of Classic so there is no point in trying to disable clickjack protection from tenant settings to omit security headers being set to none.
Are there any other solutions to allow this type of login?
Thank you for posting your inquiry on the Auth0 Community!
I am sorry about the late reply to your post.
Unfortunately, as mentioned in this community post by one of my colleagues, the New Universal Login does not support the use of iFrames at this time. This community post addresses a possible solution if you are using NextJS for your application.
You can also view our knowledge article regarding iFrame login for a possible solution to the issue that you are facing.
