I have a client application that is using vanilla JavaScript and jQuery. The client uses Microsoft Azure AD for their SSO and we get the typical X-Frame-Options = 'deny".
In the organization settings we have the pop-up authentication enabled. But it still just goes to the login window. In the documentation it does not look like there are any extra parameters for loginImplicitGrant that I am missing. Is this not doable in vanilla JS? We are 100% client side in our app. I found this library but the CDN is down to use it in a browser and I am not running a node.js implementation.
If you're trying to use SSO directly, i.e. not using a normal auth flow that presents the user with the login screen then they choose a SSO provider, you'll need to implement the OAuth 2.0 SAML2 Bearer flow as documented here: https://developer.genesys.cloud/authorization/platform-auth/use-saml2-bearer. Keep in mind that this isn't possible in a frontend-only web app; this grant requires a server-side or native desktop app integration.
meant to reply directly, but we do want to use the normal auth flow where the user just selects the SSO provider. However for Microsoft it cannot be in the iframe and must pop to a new window. I am not seeing anyway outside of that library to do it in documentation.
I can't find any docs for that setting on the Resource Center, but I believe that's only referring to the core Genesys Cloud app (the one at apps.mypurecloud.com). There are numerous parts of the app that are iframed in; it's not a single monolithic app. I believe those built-in apps that are transparent to you are what it's referring to. This distinction is important because that feature is a function of the embedded app, not of the login screen.
You would need to replicate that behavior in your own app. Instead of initiating the oauth flow directly in your app, your app would open a popup window that initiates the oauth flow in the popup. You will need to build something into your app to allow the popup window to set the auth token for your app so it knows when the flow has completed successfully.
The project you linked above might help provide this, or at least provide a reference implementation of the popup flow. I'm honestly not familiar with that project, but if you have questions about it ask them and I'll tag someone else in to answer them.
Thanks Tim! I was hoping there was a built in method for the SDK to avoid too many customizations. I'll go the custom route with opening a new window and using localStorage event similar to that library.
