GitHub

SSO in iframe Test

This page embeds the auth flow in an iframe to test SSO functionality inside a Next.js app.

@neondatabase/auth supports OAuth flows from within iframes

Unlike many auth libraries that break when embedded, Neon Auth handles OAuth popups correctly even when your app runs inside an iframe — perfect for embedded apps, widgets, and multi-tenant platforms. The SDK detects the iframe context and automatically opens the OAuth provider in a popup, then completes the session in the iframe via postMessage.

Test Route:
iframe src: /auth/sign-in

What to test:

  • Click the Google (or any social) SSO button inside the iframe
  • Verify the OAuth popup window opens correctly
  • Complete the SSO flow in the popup and confirm the session is established back inside the iframe
  • Check the browser console for any X-Frame-Options / CSP errors (there should be none)
  • Email/password and magic-link flows should also work normally without any popup