Can't use 2FA login in an iframe

We are using an iframe to allow the user to re-authenticate without leaving our SPA, which worked well with the old authorisation page, but the 2FA shows blank with the following error:

Refused to display ‘https://[our-domain]’ in a frame because an ancestor violates the following Content Security Policy directive: “frame-ancestors ‘none’”.

Is there any way round this?

I guess below is the answer?

1 Like

Thanks a lot for sharing that with the rest of community @jerry.job!

Hi @konrad.sopala and @jerry.job - I’m confused…

…the “solution” above is a link back to this very post - so no solution!

Do you have any perspective on that?

1 Like

What is the answer? How can be the policy modified in Auth0?