Do third-party logins work inside an iframe?
I would like to build a simple web application and let partners embed it within their sites. I intend to let the partners embed it using an iframe, much like youtube:
The app would require login via third-party authentication providers (e.g. Google, Facebook, OpenID).
Will such an authentication method be a problem within the scope of an iframe?
This approach may be a little problematic but doable. Many of the authenticate provider that use OAUTH for example (Google, Facebook, OpenID) will redirect users to a set URL after they have logged in and authenticated the application. You'll have to figure out a way to get them back to the page they came from (the one with the iframe). I am guess you can figure out where your iframe is being hosted (window.top, window.parent, i.e) save that information in the SESSION or a COOKIE, then return the user back to the page once they are done authenticating.