User Profile

I am running into the same issue, and wasn't able to determine the cause while using Chrome. On Firefox, however, the message was clearer: Failed to execute ‘postMessage’ on ‘DOMWindow’: The target origin provided (‘https://x.example.com’) does not match the recipient window’s origin (‘https://y.example.com’). It appears the iframe is only allowed to do the "post" on the same origin as the page that opened the popup. This is not at all explained in Apple's documentation - https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_js/incorporating_sign_in_with_apple_into_other_platforms. Is there no way to customize the iframe behavior of the Apple SDK so that additional origins can be allowed for the postMessage call? Currently, our auth service (which is what should receive the callback) is on a different subdomain than the page initiating the popup. Working around this won't be a trivial change for us.