Is your iframe loaded already through an application proxy? (similar thread here). If not, this is something you could look into, although I'm not certain to what extent the web bluetooth API supports iframe behaviour.
Thanks for the response. I was trying to use App Bridge so that our app can be used in the Shopify POS, which I think renders through an iframe. Can proxies be used to render inside the POS without App Bridge or an iframe?
Looks like permission delegation from parent to child through an iframe is being worked on by chromium: https://bugs.chromium.org/p/chromium/issues/detail?id=518042. But not yet implemented.
App Bridge should be sufficient in this case. If you haven't already found it, here's some documentation you can read on Application Proxies and App Bridge, although it sounds like that chromium issue is what you're waiting for!