⚠️ In Development mode the page must be served over HTTPS
or localhost via npx serve .
⚠️ Browser prerequisite — Third-party cookies must be allowed for apps.mypurecloud.com.au
The Embedded Framework uses a cookie written by the login popup to pass the auth token back to the iframe.
Because the iframe is embedded inside a different domain (GitHub Pages), browsers treat this as a third-party cookie and block it by default.
Fix (Edge / Chrome):
Settings → Privacy, search, and services → Cookies and other site data →
Sites that can always use cookies → Add [*.]mypurecloud.com.au. Quick links:Open Edge Cookie SettingsOpen Chrome Cookie Settings
Symptom if missing:
Login popup opens and closes, but the iframe stays on "Waiting for credentials..."
(document.cookie is blank in the iframe context).
Permanent workaround:
Host your CRM page on the same domain as the iframe (e.g. a subdomain of mypurecloud.com.au)
so the cookie is first-party. GitHub Pages cannot do this.
Alternatively, contact Genesys Support to request CHIPS (Partitioned cookie) support
for the authWindow.html flow.