diff --git a/docs-v2/pages/connect/managed-auth/quickstart.mdx b/docs-v2/pages/connect/managed-auth/quickstart.mdx
index b63f389a81967..8705221ba5e83 100644
--- a/docs-v2/pages/connect/managed-auth/quickstart.mdx
+++ b/docs-v2/pages/connect/managed-auth/quickstart.mdx
@@ -97,6 +97,10 @@ npm i --save @pipedream/sdk
When the user connects an account in your product, [pass the token from your backend](#generate-a-short-lived-token) and call `connectAccount`. This opens a Pipedream iFrame that guides the user through the account connection.
+
+If the Connect popup window doesn't open and your site sets the Cross-Origin-Opener-Policy (COOP) header to `same-origin`, set it to `same-origin-allow-popups` on the page that embeds the Connect iframe. The default COOP is `unsafe-none`; only make this change if you explicitly enforce `same-origin`. This relaxes isolation just enough to allow trusted popups (e.g., OAuth) to open from iframes.
+
+
Try the interactive demo below to connect an account after generating a token in the previous step:
diff --git a/docs-v2/pages/connect/managed-auth/troubleshooting.mdx b/docs-v2/pages/connect/managed-auth/troubleshooting.mdx
index c21c987b4a6a6..94c862e02cc64 100644
--- a/docs-v2/pages/connect/managed-auth/troubleshooting.mdx
+++ b/docs-v2/pages/connect/managed-auth/troubleshooting.mdx
@@ -46,6 +46,11 @@ Double-check the app slug you're passing [when connecting your user's account](/
The user may have closed the OAuth popup window without completing authorization.
+### Connect popup doesn't open
+
+If the Connect popup window doesn't open when users try to connect their accounts, the host page may be enforcing the Cross-Origin-Opener-Policy (COOP) header with the value `same-origin`, which isolates the browsing context and can interfere with popups opened by cross-origin iframes.
+
+Set the `Cross-Origin-Opener-Policy` header to `same-origin-allow-popups` on the page that embeds the Connect iframe. The default COOP is `unsafe-none`; only apply this change if you currently send `same-origin`.
If you're still have trouble or hitting an error that isn't listed here, [get in touch with us](https://pipedream.com/support). We'd love to help.
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index 648cf983f4324..16e37a4b24703 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -16589,14 +16589,6 @@ importers:
specifier: ^6.0.0
version: 6.2.0
- modelcontextprotocol/node_modules2/@modelcontextprotocol/sdk/dist/cjs: {}
-
- modelcontextprotocol/node_modules2/@modelcontextprotocol/sdk/dist/esm: {}
-
- modelcontextprotocol/node_modules2/zod-to-json-schema/dist/cjs: {}
-
- modelcontextprotocol/node_modules2/zod-to-json-schema/dist/esm: {}
-
packages/ai:
dependencies:
'@pipedream/sdk':
@@ -32097,22 +32089,22 @@ packages:
superagent@3.8.1:
resolution: {integrity: sha512-VMBFLYgFuRdfeNQSMLbxGSLfmXL/xc+OO+BZp41Za/NRDBet/BNbkRJrYzCUu0u4GU0i/ml2dtT8b9qgkw9z6Q==}
engines: {node: '>= 4.0'}
- deprecated: Please upgrade to superagent v10.2.2+, see release notes at https://github.com/forwardemail/superagent/releases/tag/v10.2.2 - maintenance is supported by Forward Email @ https://forwardemail.net
+ deprecated: Please upgrade to v9.0.0+ as we have fixed a public vulnerability with formidable dependency. Note that v9.0.0+ requires Node.js v14.18.0+. See https://github.com/ladjs/superagent/pull/1800 for insight. This project is supported and maintained by the team at Forward Email @ https://forwardemail.net
superagent@4.1.0:
resolution: {integrity: sha512-FT3QLMasz0YyCd4uIi5HNe+3t/onxMyEho7C3PSqmti3Twgy2rXT4fmkTz6wRL6bTF4uzPcfkUCa8u4JWHw8Ag==}
engines: {node: '>= 6.0'}
- deprecated: Please upgrade to superagent v10.2.2+, see release notes at https://github.com/forwardemail/superagent/releases/tag/v10.2.2 - maintenance is supported by Forward Email @ https://forwardemail.net
+ deprecated: Please upgrade to v9.0.0+ as we have fixed a public vulnerability with formidable dependency. Note that v9.0.0+ requires Node.js v14.18.0+. See https://github.com/ladjs/superagent/pull/1800 for insight. This project is supported and maintained by the team at Forward Email @ https://forwardemail.net
superagent@5.3.1:
resolution: {integrity: sha512-wjJ/MoTid2/RuGCOFtlacyGNxN9QLMgcpYLDQlWFIhhdJ93kNscFonGvrpAHSCVjRVj++DGCglocF7Aej1KHvQ==}
engines: {node: '>= 7.0.0'}
- deprecated: Please upgrade to superagent v10.2.2+, see release notes at https://github.com/forwardemail/superagent/releases/tag/v10.2.2 - maintenance is supported by Forward Email @ https://forwardemail.net
+ deprecated: Please upgrade to v9.0.0+ as we have fixed a public vulnerability with formidable dependency. Note that v9.0.0+ requires Node.js v14.18.0+. See https://github.com/ladjs/superagent/pull/1800 for insight. This project is supported and maintained by the team at Forward Email @ https://forwardemail.net
superagent@7.1.6:
resolution: {integrity: sha512-gZkVCQR1gy/oUXr+kxJMLDjla434KmSOKbx5iGD30Ql+AkJQ/YlPKECJy2nhqOsHLjGHzoDTXNSjhnvWhzKk7g==}
engines: {node: '>=6.4.0 <13 || >=14'}
- deprecated: Please upgrade to superagent v10.2.2+, see release notes at https://github.com/forwardemail/superagent/releases/tag/v10.2.2 - maintenance is supported by Forward Email @ https://forwardemail.net
+ deprecated: Please upgrade to v9.0.0+ as we have fixed a public vulnerability with formidable dependency. Note that v9.0.0+ requires Node.js v14.18.0+. See https://github.com/ladjs/superagent/pull/1800 for insight. This project is supported and maintained by the team at Forward Email @ https://forwardemail.net
supports-color@10.0.0:
resolution: {integrity: sha512-HRVVSbCCMbj7/kdWF9Q+bbckjBHLtHMEoJWlkmYzzdwhYMkjkOwubLM6t7NbWKjgKamGDrWL1++KrjUO1t9oAQ==}