Embeddable framework and SSO

Michal_Banas · June 21, 2024, 8:36am

Hi,

We are running SSO and embedded framework in our custom CRM solution.
We get an error when signing it from within the iframe: "refused to frame [our SSOURL] because ancestor violates the following Content Security Policy directive: frame-ancestors:self".

The SSO works correctly outside of the window (e.g. logging to purecloud or taking iframe scr URL outside our CRM) .

We are running iframe with dedicatedLoginWindow=true and the sso URL has been added to "Authorized redirect URIs" in the SSO configuration. The framework.js contains only specifies SSO with two properties: provider and orgName. We also added domain as sso URLS to "Allowed Embeddable Domain(s)" and "Restrict Genesys Cloud Embedding" is off.

We also tried to use "Popup authentication for embedded iframes" but it did not change anything.

Thank you in advance.

BDDE · July 11, 2024, 10:17am

Hello,
We are getting the same error (also mentioning the SSO URL). The difference is that we use the Salesforce integration, not a custom one. But the behavior described is the same.
It only happen for a few days, and not with all browser (for instance, it's working fine with Edge).

system · August 11, 2024, 10:17am

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.