Using Auth0 Lock in popup mode

Question

I am using Auth0 to implement social login with Google in my Ionic application.

I had set redirect option equal to false as per the documentation and this opens up a new tab.

Now when I set redirect equal to true (default) then as per the documentation it should display the login window in a popup, but I am getting the following error:

Refused to display 'https://accounts.google.com/AccountChooser?continue=https://accounts.google….com%26from_login%3D1%26as%3D-13354ff19852788a&btmpl=authsub&scc=1&oauth=1' in a frame because it set 'X-Frame-Options' to 'DENY'

I know because I am trying to open this inside localhost, that is why I am getting this error. But how can I test this feature in my local environment?

Answer 1

Per the documentation on Auth0 Lock settings if you set the redirect option to false (overriding the default of true) will trigger the use of popup mode.

redirect - Defaults to true. When set to true, redirect mode will be used. If set to false, popup mode is chosen.

Use of the popup mode can result in a new tab or window to be opened while using the default redirect mode uses the current window to redirect to the identity provider.

The error you obtain when using redirect=true seems to indicate that you use iframes within your application and you're trying to perform the authentication from inside of an iframe. This is not supported by the Google identity provider as implied by the use of X-Frame-Options: DENY in the response from Google. (this header requests that the browser fails the navigation if it's within an iframe)

In conclusion, the error is not directly caused by Lock.