@pdagar29 - I’ve run into this issue as well… while trying to embed locally in a SPA, while using a “remote” Metabase. Metabase will continuously loop trying to get
/user/current after successful “sign-in”.
The solve for me, is to deploy my web app to the same TLD (top level domain) - everything then begins to work.
A couple of things to validate: Make sure you’ve got SSO setup correctly so that sign-on in your web app, creates a session in your IdP that Metabase can use, which regardless of embedding, will allow you to “switch” between both applications with only having to log into one (or the other).
Next, I found the only way for this to work is if Metabase and my custom SPA app were on the same domain. For example Metabase can be reached at: https://analytics.mydomain.com - and if I hosted my SPA on https://myapp.mydomain.com - the embed worked perfectly (so long as SSO was working).
I’m hoping a potential solve could be that they build in some sort of “whitelabel” for localhost remote address requests which would allow this type of “development” to happen. That is to say, allow embedding of a remote Metabase instance into a locally running app for development and testing purposes.
I first recorded this issue here: Enterprise Embed - Endless 401 Loop after initial load