Skip to main content

Popup Sign-In (Auth0 Lock-style)

Open a popup window for authentication. The user authenticates on

auth.zewstid.com
in the popup, and your parent page receives the result via
postMessage
. No full-page redirect required.

SDK Version: Requires

@zewstid/nextjs
v0.9.0+

When to Use Popup Sign-In

Use CaseRecommended
User is filling a form and you don't want to lose statePopup
SPA with complex client-side statePopup
Simple login pageRedirect (simpler)
Mobile webRedirect (popups blocked)

Quick Start

1. Create the Popup Callback Page

// app/popup-callback/page.tsx
import { PopupCallback } from '@zewstid/nextjs';

export default function PopupCallbackPage() {
  return <PopupCallback />;
}

This page receives the OAuth callback inside the popup and relays the result to your parent window via

postMessage
.

2. Add the PopupSignIn Button

'use client';
import { PopupSignIn } from '@zewstid/nextjs';
import { useRouter } from 'next/navigation';

export function LoginButton() {
  const router = useRouter();

  return (
    <PopupSignIn
      onSuccess={() => router.push('/dashboard')}
      onError={(err) => console.error('Auth failed:', err)}
    >
      Sign in with ZewstID
    </PopupSignIn>
  );
}

That's it. The button opens a popup, the user authenticates, the popup closes, and

onSuccess
fires.

How It Works

1. User clicks PopupSignIn button
2. Popup opens to auth.zewstid.com with ?display=popup
3. ZewstID renders compact login theme (no header/footer)
4. User authenticates (password, social, OTP, etc.)
5. ZewstID redirects to /popup-callback in the popup
6. PopupCallback sends postMessage to parent window
7. Popup auto-closes
8. Parent receives message, NextAuth session updates
9. onSuccess() fires in your app

API Reference

<PopupSignIn>

PropTypeDefaultDescription
provider
string
"zewstid"
OAuth provider ID
children
ReactNode
"Sign in with ZewstID"
Button content
onSuccess
() => void
-Called on successful auth
onError
(error: string) => void
-Called on auth failure
callbackUrl
string
"/popup-callback"
Popup callback route
popupWidth
number
500
Popup window width in px
popupHeight
number
700
Popup window height in px
className
string
-CSS class (disables default styles)
style
CSSProperties
-Inline styles
disabled
boolean
false
Disable the button

<PopupCallback>

PropTypeDefaultDescription
successMessage
string
"Authentication successful! Closing window..."
Message on success
notPopupMessage
string
"This page should be opened in a popup window."
Message when not in popup
autoCloseDelay
number
1500
Delay before auto-close (ms)
className
string
-CSS class
style
CSSProperties
-Inline styles

Popup Blocker Fallback

If the browser blocks the popup,

PopupSignIn
automatically falls back to a full-page redirect via
signIn('zewstid')
. The
onError
callback fires with
"Popup was blocked. Please allow popups for this site."
before the redirect.

Custom Styling

Pass a

className
to use your own styles (default gradient styles are disabled when
className
is set):

<PopupSignIn className="btn btn-primary" onSuccess={handleSuccess}>
  Sign in
</PopupSignIn>

Or use inline

style
to extend the defaults:

<PopupSignIn
  style={{ background: '#1a1a2e', borderRadius: '12px' }}
  onSuccess={handleSuccess}
>
  Sign in
</PopupSignIn>

Non-Next.js Apps

For React SPAs, Vue, Svelte, or other frameworks, use the standalone popup callback HTML served by the API Gateway at

https://api.zewstid.com/popup-callback
. This handles the
postMessage
relay without NextAuth.

// Open popup manually
const popup = window.open(
  'https://auth.zewstid.com/oauth/authorize?client_id=YOUR_CLIENT_ID&redirect_uri=https://api.zewstid.com/popup-callback&response_type=code&scope=openid&display=popup',
  'zewstid-signin',
  'width=500,height=700'
);

// Listen for result
window.addEventListener('message', (event) => {
  if (event.data?.type === 'zewstid:auth:success') {
    // Exchange event.data.code for tokens
  }
});

Was this page helpful?

Let us know how we can improve our documentation