Intelligent Advisor Workspace Control with SAML SSO X-Frame-Options DENY
Summary:
By default our IDP (ADFS) is blocking the use of the Intelligent Advisor control on our workspaces in production. This is because X-Frame-Options: DENY is in place to prevent clickjacking and our security team is hesitant to open up.
Content (please ensure you mask any confidential information):
When it tries to connect it shares credentials with another site with our OIA site to display an interview. It looks like our ADFS server blocks the connection. We are getting: The loading of “<IDP AUTH URL>” in a frame is denied by “X-Frame-Options” directive set to “deny”.

I am wondering if anyone has had something similar occur with them, and what the best practice is for enabling this in an IDP, or if any workarounds exist? This is working fine on our test sites with Oracle authentication.