Iframe support for cognito hosted UI

I'd like to use an iframe to support the use of cognito via the provided hosted UI.

This enables several use cases:

Allows for SPAs to display the login page without losing the context of the host page
Allows for applications to extend the refresh token without requiring a navigation to cognito's hosted UI

This could be done securely by Cognito by enabling the configuration of the frame-ancestors CSP directive. Is this on the roadmap?

Alternatively, could I place a proxy in front of the hosted cognito UI adding in the required CSP directives? I tried this however the cookies are not set as expected. I noticed the hosted UI is multi-domain and retrieves resources from cloudfront - perhaps that is causing issues?

Topics

Security, Identity, & Compliance

Relevant content

Hook up custom login page with Cognito Hosted UI
rePost-User-2620798
asked 2 years ago
Cognito Hosted UI redirects user to secondary login page after successful login
Michael Williams
asked 6 months ago
How to Allow a Site Hosted with Amazon to Be Embedded in an iFrame?
Mathias
asked a year ago
Programmatic login using cognito hosted ui
systematicguy
asked 2 years ago
How do I use the forgot password flow in Amazon Cognito?
AWS OFFICIALUpdated a year ago
How do I configure the hosted web UI for Amazon Cognito?
AWS OFFICIALUpdated 2 years ago
I'm using an Amazon S3 bucket to host my static website. Why is the bucket returning a list of objects instead of the website's index page?
AWS OFFICIALUpdated 5 years ago
How do I allow API Gateway REST API users to run Lambda using the execution role from an Amazon Cognito user pool group?
AWS OFFICIALUpdated a year ago
AWS Cognito Finally Supports Custom Claims for Access Tokens
EXPERT
Antonio_Lagrotteria
published 2 months ago
Announcing support for multiple host keys and key types for AWS Transfer Family servers
EXPERT
sagarb-aws
published 2 years ago