Skip to main content

ā€‹
Session length

Currently, using a valid embed URL will create an embed session that can be configured to last between 0-576 hours. That embed session will be unusable after the configured expiry. Visiting a new, valid embed SSO URL at any time will create a new session.

ā€‹
Chrome incognito

Using Chrome in Incognito mode requires allowing third-party cookies. These can be found under Chrome > Settingsā€¦ > Privacy and Security > Third-party cookies. Enable the Allow third-party cookies option.

ā€‹
Copying values

Iframes, by default, restrict access to the ā€œclipboardā€ of the viewing device. When you click on a data value within Omni and select Copy value, the value will not be copied to your clipboard. To allow copying data values from an embedded Omni iframe, you will need to add allow="clipboard-write" to your iframe declaration. For example: 
<iframe src={omni-embed-url} allow="clipboard-write" />
If you want stricter permissions, you can modify the allow clause to include the specific domain you want to permit "clipboard-write" access for. For example: 
<iframe src={omni-embed-url} allow="clipboard-write self https://acme.embed-omniapp.co/" />

ā€‹
Safari, mobile Safari, and mobile iOS Chrome

Omni uses cookies to manage authentication sessions. When embedded in iframes, browsers like Safari treat these as third-party cookies and block them by default, which prevents access to Omni content. How you handle this depends on which Safari version your users have and whether youā€™ve configured a vanity domain.

ā€‹
Safari 26.2 and newer - Automatic handling

Safari 26.2+ supports CHIPS (Cookies Having Independent Partitioned State), which allows embedded content to authenticate automatically without requiring user action. Omni detects CHIPS support and handles authentication seamlessly. This automatic experience works in:
  • Safari 26.2+ on macOS
  • Safari 26.2+ on iOS and iPadOS

ā€‹
Safari 26.1 and older - Manual handshake

Older Safari versions require a multi-step handshake that prompts users to explicitly allow third-party cookies:
  1. When the embedded dashboard loads, a Cookies are not permitted message appears with a button to visit the Omni instance directly.
  2. After visiting Omni in a non-embedded context, the user returns to the embedded page.
  3. Safari prompts the user to allow access to ā€œuse cookies and website dataā€. Clicking Allow displays the embedded dashboard.
Users typically only need to complete this process once, though Safari may occasionally prompt them again.

ā€‹
Vanity domains - Alternative approach

Configuring a vanity domain allows Omni cookies to originate from your embedding domain, making them first-party cookies. This eliminates Safariā€™s third-party cookie restrictions entirely across all Safari versions. Vanity domains require infrastructure setup but provide a consistent experience regardless of browser version or privacy settings.
Vanity domain embeds continue to use the Storage Access API handshake flow even on Safari 26.2+, as CHIPS partitioned cookies do not support custom domain attributes.