Hello, I'm not sure why you want to do this (this is hackers' dream) but if you want to iframe [login to view URL] you can't because of CORS policy (X-Frame-Options) which can be set via php header(), however if you don't care about Cookies and catching the users' cookie & session, you should consider using cURL with the right configuration