May 14 2024 07:27 AM
I've created an Enterprise App and App Registration in Microsoft Entra ID for the authentication of users into a thrid-party web application (Qlik Sense) via OIDC. This works as designed. When I access the website of Qlik Sense directly in my browser, I'm redirected to login.microsoftonline.com, where I can pick an existing account or sign-in with a new account.
Now, I want to create a custom web application where the website of Qlik Sense is embedded on a page with an iFrame. Unfortunately, this doesn't work, because the login page of Microsoft is blocked by the browser when opened inside an iFrame. The browser console indicates that this is because of a HTTP response header 'X-Frame-Options' that is coming from Microsoft Entra ID. Is there a way to prevent this behaviour by changing the configuration in Entra ID?
Jun 05 2024 07:44 AM