Knack Embed Forcing login on separate popup screen

I have noticed a new issue occuring with my apps when embedding them into my websites. The issue is that the login screen has now dissapeared and each app has a “Login” button that when pressed, redirects the user to the knack site where the app is live to login. Once logged in using this popup form, the app loads in the popup and will not load in the embedded site unless the user refreshes the page. I have a few example sites where this is occuring for testing purposes:

These sites are setup in various ways, a couple using wordpress and others a generic site builder so it is odd that the issue is occuring on all sites.

I have logged this with support who suggest it is a third party cookie issue, however I have all third party cookies enabled for each site in different browsers and the same issue is reproduced on chrome, edge, firefox and brave browsers.

Has anyone else been experiencing the same issues and if so, any solutions?

Yes we’ve noticed this too and checking the User settings as we speak on that app…

I have tried to replicate the issue or even creat different apps from scratch with the bare bones to try and not replicate the issue and it unfortunately occurs every time on every app creation. Not sure of the solution. Support suggested it was a third party cookie block on browsers but even with this enabled on browser level, the issue remains.

Switching to Tokens in the Embedded Login Security for User Logins did the trick for our app.

I was also advised to do this by Support however tokens have comprosmised security which is a risk for the app.

This article on Knack provides some further info on this: Embedded Login Security Settings.

What I am unable to understand is why this changed about 2 weeks ago. We previously had the user login page visible on the embedded site however this changed about 2 weeks ago where the login screen moved to a button and popup window. Logging in on the popup window loads the app in the popup window and is not white labelled which defeates the purpose of embedding in our case.

Using tokens allows the login screen on the embedded app page however has vulnerabilities which compromise security.


This is happening on my app as well. It was a change about a week or two back and it’s definitely something that Knack pushed through in an update. It would be helpful if they sorted it out quickly as it provides a severely diminished user experience for my clients.

Is there any update on this from Knack or are we all waiting another 3 weeks for this bug to get fixed?

Unfortunately still nothing. I have not heard back from tech support other than to say it is a third party cookies issue at browser level. I have all third party cookies enabled on all browsers for, the host IP, host domain, google, amazon AWS and anything else I can find that might have a third party cookie associated with the app and nothing changes.

It is very dissapointing that this is not getting the attention it needs.

1 Like

The last response was deleted for use of abusive language, which is in violation of the community guidelines.

Hi Ali! Kat here. I’m discussing this matter with our product, engineering, and security heads right now. Support has been advocating for this to be addressed. I will continue to make some noise until we get a resolution.


Hi @Kat hoping to hear some updates about where this is at? It has been some time and still the same behaviour observed.

We too are experiencing this with our embedded apps. It would be great to see a resolution, as some are customer facing, so we have similar concerns about the disjointed experience and loss of branding when kicked over to the knack domain.

Thanks for the link, very useful indeed!

@Kat Any update on this? I have a customer facing website, so I am unable to use tokens. Thank you!

Hi Suzanne! :wave:

I’m not Kat, but I would like to share that I have looked into this issue again internally, and we have engineers working on the best way to address it. They are actively collaborating, researching, and investigating to find the best solution.

I know that it has been a while since this thread and related threads were brought up about this issue, but please know our team is taking this seriously and is not putting our customers’ concerns around this issue to the side and it has not been forgotten.

Please let our team know if you have any questions about this by reaching out via this form.

Thank you for your patience! :pray:

Thank you @Les! Glad to know you guys are still on top of it!

1 Like

This is not very good really? We have a number of serious problems that require the pop up to close and return the user to the parent embed… Are there any javascript options to close the popup when the login is successful?

Hi Chris,

I’m sorry, Knack hasn’t offered JavaScript options to close the popup upon successful login automatically. However, I’ve shared your response to this issue and all of the other responses in the forum with the team working on this issue. If they provide any custom code to work around this issue before it’s resolved, I will be sure to let you know.