Skip to main content

Hi,

We have another application (say application 😵 where development is done to integrate our Thinkwise application in another web application. I was wondering if this is possible and if so, how to approach this. We currently have the following problem:

  1. User clicks a specific button in application X, which triggers a popup in application X showing the Thinkwise application in Application X:

     

  2. User logs into Thinkwise (Open ID), but still via application X. User cannot see anything of the Thinkwise application:

 


What can we do in order to solve this problem?

 

Thanks in advance!

Hi Nick,

I believe you can embed the Universal GUI if you make sure both the Universal GUI and the other application run on the same domain; due to CORS. Not sure though.


@NickJanssen could it be that you have the Security Headers configured according to the recommendations in the Docs? IIS configuration | Thinkwise Documentation (thinkwisesoftware.com)

If so, it might be that you need to change the value for the X-Frame-Options in order to allow the Universal GUI to be displayed within an iframe of another application.

Check this link for options:

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options

 


Thanks for the replies. I can see my screenshot does not contain all the info:

 

Is it maybe the case that the redirect URL configured in the Azure Portal does not comply with the URL the user is coming from? Is there any workaround for this or will this method simply not work?


@NickJanssen Check, then the issue is with the https://login.microsoftonline.com, for which you cannot control the Security settings. However, they don't seem to use the X-Frame-Options (Scan results for https://login.microsoftonline.com/ (securityheaders.com)), so perhaps you can get it working.

I recommend searching on the error ‘login.microsoftonline.com refused to connect’, it does give quite a number of results. Some of these you might be able to review and test. See some suggestions here, the ‘Block third-party cookies’ setting in your browser is probably the easiest to check and test:

login.microsoftonline.com refused to connect on xFrame - Microsoft Q&A


We are going to investigate. I’ll post an update here when I have one. Thanks for all the suggestions.


Also, the ‘other’ application might have a Content-Security-Policy containing a frame-src. So you might get an error like:

 

In most cases, the browser developer tools show an error which might give a clue. 


Hi @NickJanssen, any updates on this? Do you still require our assistance?


Hi,

Sorry for the late update.

We did not manage to get this working quickly enough, so chose for a solution where our thinkwise application is opened in another tab.

Thanks for the replies.


Reply