Add COOP redirect bridge setup documentation for various frameworks (#8398)

- Add error message format change impact on error handling
- Add COOP redirect bridge setup documentation for various frameworks

Author: konstantin-msft

docs/errors.md

@@ -847,7 +847,7 @@ The redirect bridge is a mechanism that enables authentication flows in COOP (Cr
 
 This timeout typically occurs for the following reasons:
 
-1. The page you use as your `redirectUri` is not loading the `msal-redirect-bridge.js` script
+1. The page you use as your `redirectUri` is not loading the redirect bridge script (either via the ESM import from `@azure/msal-browser/redirect-bridge` or the UMD bundle `msal-redirect-bridge(.min).js`)
 1. The redirect page is removing or manipulating the URL hash before the bridge script can process it
 1. The redirect page is automatically navigating to a different page before the bridge can communicate the response
 1. Your identity provider is being slow to redirect back to your `redirectUri` (network latency)
@@ -857,7 +857,28 @@ This timeout typically occurs for the following reasons:
 
 ✔️ **Ensure the redirect bridge script is loaded:**
 
-Your `redirectUri` page must include the redirect bridge script to enable communication back to the main window:
+Your `redirectUri` page must include the redirect bridge script to enable communication back to the main window.
+
+**Option A — ESM (recommended for apps using a bundler such as Vite or Webpack):**
+
+```html
+<!DOCTYPE html>
+<html>
+<head>
+    <title>Redirect</title>
+</head>
+<body>
+    <script type="module">
+        import { broadcastResponseToMainFrame } from "@azure/msal-browser/redirect-bridge";
+        broadcastResponseToMainFrame().catch(console.error);
+    </script>
+</body>
+</html>
+```
+
+**Option B — UMD (for static pages served without a bundler):**
+
+Copy `msal-redirect-bridge.min.js` from `node_modules/@azure/msal-browser/lib/redirect-bridge/` to your public directory, then reference it directly:
 
 ```html
 <!DOCTYPE html>
@@ -866,14 +887,16 @@ Your `redirectUri` page must include the redirect bridge script to enable commun
     <title>Redirect</title>
 </head>
 <body>
-    <script src="path/to/msal-redirect-bridge.js"></script>
+    <script src="/msal-redirect-bridge.min.js"></script>
     <script>
-        msalRedirectBridge.sendRedirectPayloadToMainFrame();
+        msalRedirectBridge.broadcastResponseToMainFrame().catch(console.error);
     </script>
 </body>
 </html>
 ```
 
+For framework-specific setup instructions (Angular, React, Next.js, Vite, Webpack), see the [redirect bridge guide](../lib/msal-browser/docs/redirect-bridge.md).
+
 **Important**: If your application uses a router library (e.g. React Router, Angular Router), please make sure it does not strip the hash or auto-redirect while MSAL token acquisition is in progress. If possible, it is best if your `redirectUri` page does not invoke the router at all.
 
 **Issues caused by the redirectUri page:**
@@ -882,7 +905,7 @@ When you make a silent call, in some cases, an iframe will be opened and will na
 
 ✔️ To solve this problem you should ensure that the page you use as your `redirectUri` is not doing any of these things.
 
-Remember that you will need to register `redirectUri` on your App Registration. We recommend using the HTML code shown above as the content for your registered redirect page.
+Remember that you will need to register `redirectUri` on your App Registration. We recommend using one of the HTML snippets above as the content for your registered redirect page.
 
 **Notes regarding Angular and React:**
 

lib/msal-browser/docs/login-user.md

@@ -183,7 +183,7 @@ Your `redirectUri` must point to a dedicated page that loads the redirect bridge
 3. **Not include routing logic** - Avoid router libraries that might interfere with hash handling
 4. **Be registered in your App Registration** - The URI must match exactly what's registered in Azure portal
 
-**Example redirect page:**
+**Example redirect page (when using a bundler such as Vite or Webpack):**
 
 ```html
 <!DOCTYPE html>
@@ -193,14 +193,18 @@ Your `redirectUri` must point to a dedicated page that loads the redirect bridge
 </head>
 <body>
     <p>Processing authentication...</p>
-    <script src="path/to/msal-redirect-bridge.js"></script>
-    <script>
-        msalRedirectBridge.sendRedirectPayloadToMainFrame();
+    <script type="module">
+        import { broadcastResponseToMainFrame } from "@azure/msal-browser/redirect-bridge";
+
+        broadcastResponseToMainFrame();
     </script>
 </body>
 </html>
 ```
 
+> [!NOTE]
+> The `@azure/msal-browser/redirect-bridge` specifier must be resolved by a bundler (Vite, Webpack, etc.) — it is not a URL that browsers can fetch directly. For framework-specific instructions, see the [Redirect Bridge setup guide](./redirect-bridge.md).
+
 ### Configuration
 
 You can set the `redirectUri` globally in your MSAL configuration or on a per-request basis:
@@ -236,10 +240,10 @@ For more information and complete sample implementations, see:
 
 For popup flows, you can use the `overrideInteractionInProgress` flag to cancel a pending interaction and start a new one. This is useful for recovery scenarios where the user cancelled a popup or an interaction failed.
 
-> [!NOTE] 
+> [!NOTE]
 > This feature is **only available for popup flows** and is **not supported for redirect flows**. With the COOP (Cross-Origin-Opener-Policy) header, the traditional `window.opener` connection is severed, allowing popup windows to communicate with the main frame only via BroadcastChannel.
 
-> [!CAUTION] 
+> [!CAUTION]
 > Setting this to `true` will forcefully cancel any pending popup authentication request but **will not** close any open popups.
 
 **When set to `true`:**