Loading
Salesforce now sends email only from verified domains. Read More
Identify Your Users and Manage Access
Table of Contents
Filter by (0)Add
Select Filters

          No results
          No results
          Here are some search tips

          Check the spelling of your keywords.
          Use more general search terms.
          Select fewer filters to broaden your search.

            Search all of Salesforce Help
            Search all of Salesforce Help
            Implement Embedded Login

            You are here:

            1. Salesforce Help
            2. Docs
            3. Identify Your Users and Manage Access

            Implement Embedded Login

            Let’s add Embedded Login to a web page on your website. To do so, follow the steps outlined here.

            Warning
            Warning In Summer ’24, Salesforce made Embedded Login disabled by default. We recommend that you use the web server flow, the user-agent flow, or another redirect-based OAuth 2.0 flow instead of Embedded Login.

            Embedded Login relies on third-party cookies, which are blocked or restricted in most browsers. And Embedded Login works only on Google Chrome and only as long as third-party cookies are allowed there by default.

            • Prerequisites: Configure Your Experience Cloud Site and Website
              Before you implement Embedded Login, you need an Experience Cloud site and your own website.
            • Step 1: Enable Resource Sharing Across Domains
              Embedded Login entails making web requests outside the website boundaries, but for security reasons, web requests are restricted to the current domain. To enable a website to share resources beyond its boundaries, the Salesforce admin adds trusted website domains to Salesforce’s Cross-Origin Resource Sharing (CORS) allowlist. CORS is an industry standard that enables web browsers to make requests from origins other than their own.
            • Step 2: Create the Embedded Login External Client App
              From your Salesforce community, create an Embedded Login external client app to connect your community with your website. The external client app handles communication between your web page and the Salesforce back end.
            • Step 3: Enable Embedded Login on a Web Page
              On the web page where you want to add login capabilities, enter Embedded Login meta tags inside the <head> HTML element at the top of the page.
            • Step 4: Write Login and Logout Functions
              On the web page, provide a login and optional logout JavaScript function in the body to handle onLogin and onLogout events. With these functions, you determine what happens when users log in and out successfully. You have full control over what happens.
            • Step 5: Handle the Embedded Login Callback
              When a user logs in to a website, the Embedded Login callback URL receives the access token and uses it to retrieve user information. Both the access token and user information can be stored to local storage. Depending on your implementation, you can create a callback to handle the response on either the website (client) or the server.
             
            Loading
            Salesforce Help | Article