iFrames

Frontend contract for embedding VRPlatform UI

iFrames

Your frontend should receive only this session payload from your backend:

{
  "accessToken": "<vrplatform-bearer-token>",
  "tenantId": "4f8f94de-2cc0-4ec7-a7f8-f0c7f560e59a",
  "expiresAt": "2026-04-01T12:00:00.000Z"
}

Frontend Request Model

The iframe calls the product API with:

Authorization: Bearer <accessToken>

Target host:

https://api.edge.vrplatform.app

Frontend Flow

your backend issues a session with POST /auth/embed/session
your frontend loads the iframe with the returned session payload
the iframe calls product APIs with Authorization: Bearer <accessToken>
when expiresAt is near or past, your frontend asks your backend for a new session

Session Backend

Backend contract for issuing iframe sessions to embedded users

Storybook

Planned examples for iframe integration and embedded UI states

On this page

iFrames Frontend Request Model Frontend Flow Related