Using Auth0 login in iFrame

tyf · May 14, 2024, 10:23pm

Doing a bit of combing through our backlog and wanted to update this topic for any future users ending up here

There is some configuration required in order to allow for logging in using an iframe:

github.com/auth0/nextjs-auth0

Honor configured sameSite in transient cookies so you can login to iframe using 'none'

auth0:main ← auth0:transient-samesite

opened 10:27AM - 06 Jan 22 UTC

adamjmcgrath

+46 -2

### Description Honor the `SameSite` configuration (which defaults to 'lax') …when setting the transient nonce/state cookies. This will allow users to login to iframes over https when using the [AUTH0_COOKIE_SAME_SITE](https://auth0.github.io/nextjs-auth0/interfaces/config.cookieconfig.html#samesite) config set to `'none'` ### References Same as https://github.com/auth0/express-openid-connect/pull/188 fixes #541 ### Testing Tested by logging in to auth0 from an iframe in https://codepen.io/adamjmcgrath/pen/bGoKBMW ### Checklist - [x] I have added documentation for new/changed functionality in this PR or in auth0.com/docs - [x] All active GitHub checks for tests, formatting, and security are passing - [x] The correct base branch is being used, if not `main`

In particular you will need to set AUTH0_COOKIE_SAME_SITE to none.

Topic		Replies	Views
Login cross-site with new universal login and iFrames Get Help login-experience , new-universal-login-experience	5	1855	January 28, 2025
State error with auth0-js and iframe implementation Get Help	3	3470	July 22, 2021
Login page not open in iframe Get Help iframe	4	9826	February 15, 2020
Auth0 on iframe Get Help	2	4477	March 18, 2020
Auth0/nextjs Help with SilentAuth for SSO Integration Help nextjs	0	1953	November 6, 2022

Using Auth0 login in iFrame

Related topics