Loading
Salesforce now sends email only from verified domains. Read More
Identify Your Users and Manage Access
Table of Contents
Filter by (0)Add
Select Filters

          No results
          No results
          Here are some search tips

          Check the spelling of your keywords.
          Use more general search terms.
          Select fewer filters to broaden your search.

            Search all of Salesforce Help
            Search all of Salesforce Help
            Create an Embedded Login Client-Side Callback

            You are here:

            1. Salesforce Help
            2. Docs
            3. Identify Your Users and Manage Access

            Create an Embedded Login Client-Side Callback

            To create a client-side callback, you add a web page to your website and specify a few Embedded Login meta tags inside the <head> HTML element.

            Warning
            Warning In Summer ’24, Salesforce made Embedded Login disabled by default. We recommend that you use the web server flow, the user-agent flow, or another redirect-based OAuth 2.0 flow instead of Embedded Login.

            Embedded Login relies on third-party cookies, which are blocked or restricted in most browsers. And Embedded Login works only on Google Chrome and only as long as third-party cookies are allowed there by default.

            The client-side callback takes the access token from Salesforce and writes it to local browser storage for future access. Regardless of how many web pages that you add login capabilities to, you create only one callback page.

            Note
            Note For security, the callback page must be on the same domain as the web pages containing Embedded Login.
            1. Create a page on your website and call it _callback, for example, _callback.php.
            2. Enter the following required meta tags inside the <head> HTML element of this _callback page.
              • salesforce-community
              • salesforce-allowed-domains
              • salesforce-mode (where the value ends in -callback)
              Note
              Note The value of the salesforce-mode meta tag is the same mode specified in the Embedded Login web page with the -callback suffix. For example, if salesforce-mode on the web page is set to modal, the value is modal-callback.
            3. If desired, enter these optional meta tags.
              • salesforce-save-access-token with the value true to save the access token after initialization. By saving the access token, you can continue to interact with Salesforce during the active user session.
              • salesforce-logout-on-browser-close
            4. Keep the body empty: <body></body>.
            Example
            Example 
            <html>
<head>
    <meta name="salesforce-community" content="https://embeddedlogin-dev-ed.my.site.com/demo">
    <meta name="salesforce-client-id" content="3MVG9Iu66FKeHhIPrRneLTDFdiuLfgLjycFpg6SbLpZAJScEXuD.oRdaWnJE7QGNFWHxunp0ut1">
    <meta name="salesforce-mode" content="inline-callback">
    <meta name="salesforce-save-access-token" content="false">
    <meta name="salesforce-allowed-domains" content="embeddedlogin.heroku.com">
    <meta name="salesforce-redirect-uri" content="https://embeddedlogin.heroku.com/_callback.html">
    <meta name="salesforce-target" content="#salesforce-login">
    <meta name="salesforce-login-handler" content="onLogin">
    <meta name="salesforce-logout-handler" content="onLogout">
    
    <script src="https://embeddedlogin-dev-ed.my.site.com/demo/servlet/
            servlet.loginwidgetcontroller?type=javascript_widget" async defer></script>
</head> 
<body></body>        
</html>
             
            Loading
            Salesforce Help | Article