Aouth type aothorization


#1

Hi Everyone
I use OAuth solution.
The first step Authorization Endpoint
I generated link https://zoom.us/oauth/authorize?response_type=code&state={sessionKey}&client_id=nWuvKfvLQ42J6Ya8lYugXw&redirect_uri=https%3A%2F%2Fzoom-dev.esynctraining.com%2Flti%2FZoomAuthCallbackAction

If copy this link in browser and I am not logged in Zoom I will be redirect to
https: //zoom.us/oauth/signin?_rnd=1547827105219&client_id=nWuvKfvLQ42J6Ya8lYugXw&_zm_bu=https%3A%2F%2Fzoom.us%2Foauth%2Fauthorize%3Fresponse_type%3Dcode%26state%3D{sessionKey}%26client_id%3DnWuvKfvLQ42J6Ya8lYugXw%26redirect_uri%3Dhttps%3A%2F%2Fzoom-dev.esynctraining.com%2Flti%2FZoomAuthCallbackAction

I have to logged in zoom and after that i will be redirect to https:// zoom-dev.esynctraining.com/lti/ZoomAuthCallbackAction?code=rzmpjVFUs8_hxYospYTROeo73rtvVq-OA&state={sessionKey}

It is OKEY and clear.

But If I use this link
https: //zoom.us/oauth/authorize?response_type=code&state={sessionKey}&client_id=nWuvKfvLQ42J6Ya8lYugXw&redirect_uri=https%3A%2F%2Fzoom-dev.esynctraining.com%2Flti%2FZoomAuthCallbackAction
in IFrame html element of my site I will be redirect to https://zoom.us/oauth/signin. This link does not have url parameters. And it happens only if I use link in IFrame. I can log in zoom but there will not be redirection to callback url.

Why this link does not work in IFrame ?


#2

We do not support the use of OAuth in IFrames. This is recommended by the OAuth 2 spec for security.

https://tools.ietf.org/html/draft-ietf-oauth-v2-23#section-10.13