I’m integrating the Zoom Phone Smart Embed using the iframe approach as documented.
The iframe loads and the Zoom Phone UI appears correctly, but window.onZoomPhoneIframeApiReady is never called.
My parent page is on a different origin from application.zoom.us I suspect this is a cross-origin issue — the iframe cannot call window.parent.onZoomPhoneIframeApiReady() directly due to the browser’s Same Origin Policy.
My setup:
<iframe
src="https://applications.zoom.us/integration/phone/embeddablephone/home"
id="zoom-embeddable-phone-iframe"
allow="clipboard-read; clipboard-write https://applications.zoom.us"
>
</iframe>
window.onZoomPhoneIframeApiReady = () => {
console.log('fired'); // never logged
const iframe = document.querySelector('iframe#zoom-embeddable-phone-iframe');
if (!iframe?.contentWindow) return;
iframe.contentWindow.postMessage({
type: 'zp-init-config',
data: { enableSavingLog: false, enableAutoLog: false }
}, 'https://applications.zoom.us');
setTimeout(() => {
iframe.contentWindow.postMessage({
type: 'zp-make-call',
data: { number: phoneNumber, autoDial: false }
}, 'https://applications.zoom.us');
}, 1500);
};
What I observe:
- The Zoom iframe loads successfully
window.onZoomPhoneIframeApiReadyis defined but never called- Listening to
window.addEventListener('message', ...)I can see an undocumentedzp-readypostMessage arriving from the iframe
Questions:
- Is
onZoomPhoneIframeApiReadyintended to work in cross-origin setups, or only when the parent page is on azoom.ussubdomain? - Is
zp-readythe intended mechanism for detecting iframe readiness in cross-origin setups? Is it stable and safe to rely on? - Is the documented
onZoomPhoneIframeApiReadypattern outdated?