Login cross-site with new universal login and iFrames

Hello everyone,

I am currently trying to deal with being able to log in with Auth0 in a .NET Core App embedded in another .NET Core App via iFrame:

  • Using the regular flow, lead by parent app, the authentication works fine. The parent web application leads the login process, redirecting to Universal Login window when it is needed and completing the login process. The embedded app does some sort of silent authentication after, so both apps are successfully authenticated.

  • When a timeout occurs in the embedded app → the login process is triggered by it instead of the parent app, so the Universal Login window needs to be shown in the embedded application and the following error appears in Console tab:

I have checked other posts about this issue, but we are using New Universal Login instead of Classic so there is no point in trying to disable clickjack protection from tenant settings to omit security headers being set to none.

Are there any other solutions to allow this type of login?


We are dealing with the same issue as well. Appreciate any suggestions!

same issue here with iFrame