Embedding Thinkwise in another application

Hi Nick,

I believe you can embed the Universal GUI if you make sure both the Universal GUI and the other application run on the same domain; due to CORS. Not sure though.

@NickJanssen could it be that you have the Security Headers configured according to the recommendations in the Docs? IIS configuration | Thinkwise Documentation (thinkwisesoftware.com)

If so, it might be that you need to change the value for the X-Frame-Options in order to allow the Universal GUI to be displayed within an iframe of another application.

Check this link for options:

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options

Thanks for the replies. I can see my screenshot does not contain all the info:

Is it maybe the case that the redirect URL configured in the Azure Portal does not comply with the URL the user is coming from? Is there any workaround for this or will this method simply not work?

@NickJanssen Check, then the issue is with the https://login.microsoftonline.com, for which you cannot control the Security settings. However, they don't seem to use the X-Frame-Options (Scan results for https://login.microsoftonline.com/ (securityheaders.com)), so perhaps you can get it working.

I recommend searching on the error ‘login.microsoftonline.com refused to connect’, it does give quite a number of results. Some of these you might be able to review and test. See some suggestions here, the ‘Block third-party cookies’ setting in your browser is probably the easiest to check and test:

login.microsoftonline.com refused to connect on xFrame - Microsoft Q&A

We are going to investigate. I’ll post an update here when I have one. Thanks for all the suggestions.

Also, the ‘other’ application might have a Content-Security-Policy containing a frame-src. So you might get an error like:

In most cases, the browser developer tools show an error which might give a clue. 

Hi @NickJanssen, any updates on this? Do you still require our assistance?