This page is served from a separate, TLS-secured, and white-listed domain simulating where our client application is served from. This represents our UI at https://apps.powerapps.com with all its functionalities and styling.
Below is an embedded iframe calling our authentication service from a different domain. In a real scenario, this iframe would likely be made both invisible and of zero-size dimensions, but here it is the focus for POC purposes.
If user authentication is successful from within the iframe, the browser will store the returned session cookie for the Serving FastAPI domain in the embedding Client-App hosting domain within this user's browser tab, enabling additional authenticated communication from Client to Server across domains.
Embedded Service Login Page Deployed Domain:
❌ You are NOT logged in yet...