Embed Framework SSO - iframe 'X-Frame-Options' to 'DENY'

Hi Everyone,

Just wondering if anyone can help. I am using Embed Framework in Dynamics 365. I can load Embed Framework as an iframe inside Dynamics 365.

Then in PureCloud, login is set up as Azure AD SSO, and once I click login with Microsoft, I get this error:

Refused to display 'https://login.microsoftonline.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

It seems it refuses to display the login page within an iframe for security reasons.

But if I open the Microsoft login in a new window as follows:

It works normally.

Is there any setting in Embed Framework that handles this?

Thank you
Fransiska

Hello,

"Refused to display 'https://login.microsoftonline.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
It seems it refuses to display the login page within an iframe for security reasons."

It means that Microsoft AD/Dynamics does not allow you to embed a login window (Microsoft login) inside an iframe.
It is a constraint on the Microsoft/Dynamics side.
Some systems block this by default but it can be turned on; some just don't allow it.
I don't know for Microsoft/Dynamics.

"It works normally."

Yes. This is because when you open the link in the new tab, the login window is not embedded in an iframe.
So Microsoft does not have a problem with it.

"Is there any setting in Embed Framework that handles this?"

For systems that do not allow login/authentication via an iframe, there is a configuration in the Embeddable Framework which allows the login window to pop up as a separate tab/window.
When login is required, the login window will pop up (not embedded in an iframe). The user will sign in and the login window will disappear.

See dedicatedLoginWindow in settings.
You'll also need to add dedicatedLoginWindow=true to your URL as described here.
And add a new Authorized URL to your OAuth Client - "If set to true, add https://apps.mypurecloud.com/crm/authWindow.html under Authorized redirect URIs in the OAuth client that you are using with the embeddable framework." (https://apps.mypurecloud.com.au/crm/authWindow.html in your case)

Regards,

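Why the framed login is refused while the separate login window works, as an added example that is not part of the thread or of the Embeddable Framework: a simplified JavaScript model of the browser's framing check over the X-Frame-Options and Content-Security-Policy response headers. The function names and the Dynamics 365 host name contoso.crm.dynamics.com are assumptions made for illustration.

```javascript
// Added example: models the browser's framing decision for one response.
// Simplified: checks only the direct parent, not the full ancestor chain.
// Match one frame-ancestors source expression against the parent URL.
function sourceMatches(source, parent, selfOrigin) {
  if (source === "'self'") return parent.origin === selfOrigin;
  if (source === "*") return true;
  if (/^[a-z][a-z0-9+.-]*:$/i.test(source)) return parent.protocol === source.toLowerCase();
  const m = /^(?:([a-z][a-z0-9+.-]*):\/\/)?([^/:]+)(?::(\d+|\*))?/i.exec(source);
  if (!m) return false;
  const [, scheme, host, port] = m;
  if (scheme && scheme.toLowerCase() + ":" !== parent.protocol) return false;
  const parentPort = parent.port || (parent.protocol === "https:" ? "443" : "80");
  if (port ? (port !== "*" && port !== parentPort) : parent.port !== "") return false;
  const h = host.toLowerCase();
  // "*.example.com" covers subdomains only, not example.com itself.
  return h.startsWith("*.") ? parent.hostname.endsWith(h.slice(1)) : parent.hostname === h;
}

// headers: response headers of the page being loaded; parentUrl: the embedding
// page, or null when the page is opened as its own tab/window.
function canBeFramed(headers, frameUrl, parentUrl) {
  if (!parentUrl) return { allowed: true, reason: "top-level window" };
  const parent = new URL(parentUrl);
  const selfOrigin = new URL(frameUrl).origin;
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = String(v);
  // A CSP frame-ancestors directive, when present, replaces X-Frame-Options.
  const directive = (h["content-security-policy"] || "")
    .split(";").map((d) => d.trim().split(/\s+/))
    .find((d) => d[0].toLowerCase() === "frame-ancestors");
  if (directive) {
    const allowed = directive.slice(1).some((s) => sourceMatches(s, parent, selfOrigin));
    return { allowed, reason: "Content-Security-Policy frame-ancestors" };
  }
  const xfo = (h["x-frame-options"] || "").trim().toLowerCase();
  if (xfo === "deny") return { allowed: false, reason: "X-Frame-Options: deny" };
  if (xfo === "sameorigin") {
    return { allowed: parent.origin === selfOrigin, reason: "X-Frame-Options: sameorigin" };
  }
  return { allowed: true, reason: "no framing restriction" };
}

// Constructed sample: the header value comes from the error in the thread,
// the Dynamics 365 host name is a placeholder.
const LOGIN = "https://login.microsoftonline.com/";
const CRM = "https://contoso.crm.dynamics.com/";
const inFrame = canBeFramed({ "X-Frame-Options": "DENY" }, LOGIN, CRM);
const inWindow = canBeFramed({ "X-Frame-Options": "DENY" }, LOGIN, null);
console.log(inFrame, inWindow);
```

The same function can be pointed at headers captured from any page you plan to embed, to tell in advance whether it needs a separate window.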

Thanks Jerome,

This is now working, see below.

Fransiska