cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

'X-Frame-Options: DENY' Error During SSO Authentication in an iFrame

Rajnivas_Thiyagarajan
Copper Contributor

‎Apr 17 2024 01:37 AM

‎Apr 17 2024 01:37 AM

'X-Frame-Options: DENY' Error During SSO Authentication in an iFrame

Hi All,

Currently, we're in the process of integrating Single Sign-On (SSO) functionality into our React/Typescript based iframe web application, which operates within an iframe.
For user authentication, we're utilizing Azure AD B2C, while AWS Cognito serves as our internal database for user data management. During development, within the iframe environment, we successfully implemented SSO login without any issues. However, upon deployment of our iframe application into the parent web application, we encountered an obstacle when trying to initiate the SSO login process. Specifically, we received the error message:
"Refused to display 'https://test.b2clogin.com/' in a frame because it set 'X-Frame-Options' to 'deny'."
Upon investigation, it became apparent that the 'X-Frame-Options' header for 'https://test.b2clogin.com/' is configured to 'deny', thereby preventing its display within iframes. Are there any potential solutions or workarounds for this issue?

We got stucked in the issue for some day, and can't find any potential fixes Rajnivas_Thiyagarajan_0-1713340561329.gif


Thanks for your help in Advance! Rajnivas_Thiyagarajan_1-1713340561331.gif

 



Rajnivas_Thiyagarajan_2-1713340561566.png

 

 

Labels:
184 Views
0 Likes
1 Reply
Reply
1 Reply
Prasad_Das-MSFT

‎Apr 17 2024 03:18 AM

‎Apr 17 2024 03:18 AM

Re: 'X-Frame-Options: DENY' Error During SSO Authentication in an iFrame

@Rajnivas_Thiyagarajan - The response header you are getting back from 'https://test.b2clogin.com/' does not allow the browser to render it inside an <iframe> element.

Take a look at the X-Frame-Options header: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options

 

 

 

Thanks, 

Prasad Das

------------------------------------------------------------------------------------------ 

If the response is helpful, please click "**Mark as Best Response**" and like it. You can share your feedback via Microsoft Teams Developer Feedback link. Click here to escalate. 

0 Likes
Reply