search

MicrosoftDocs / azure-docs

Open source documentation of Microsoft Azure
https://docs.microsoft.com/azure
Creative Commons Attribution 4.0 International
10.31k stars 21.49k forks source link

iFrames are not supported #124778

Open willfiddes opened 3 weeks ago

willfiddes commented 3 weeks ago

https://github.com/MicrosoftDocs/azure-docs/issues/114759 never got completed. This still needs to be documented.

We need to document that for interactive requests, iFrames are not supported.

We will return X-Frame-Options:DENY and this is expected behavior. There is no workaround to this, Sign-in requests should be done from the top level window. This needs to be documented in both the OAuth2/OIDC and SAML docs.

If you are aware of other options or solutions where iFrames can be used, please document them here as well.

References: These are just a few out of hundreds... https://stackoverflow.com/questions/51344620/workaround-for-showing-aad-login-screen-for-site-hosted-in-iframe https://stackoverflow.com/questions/37597983/how-to-authenticate-iframe-against-aad-oauth https://stackoverflow.com/questions/63155081/refused-to-display-login-microsoftonline-com-in-iframe-in-asp-net-mvc-app

Document Details ⚠ Do not edit this section. It is required for learn.microsoft.com ➟ GitHub issue linking.

ID: 13b44819-ed7b-84bc-f5d2-2b937029f7df Version Independent ID: db9f8408-c234-90d0-4817-3516e5fc3ba0 Content: Microsoft identity platform and OAuth 2.0 authorization code flow - Microsoft Entra Content Source: articles/active-directory/develop/v2-oauth2-auth-code-flow.md Service: active-directory Sub-service: develop GitHub Login: @OwenRichards1 Microsoft Alias: owenrichards

TPavanBalaji commented 3 weeks ago

@willfiddes Thanks for your feedback! We will investigate and update as appropriate.