Can't use 2FA login in an iframe

davestewart · September 23, 2019, 1:07pm

We are using an iframe to allow the user to re-authenticate without leaving our SPA, which worked well with the old authorisation page, but the 2FA shows blank with the following error:

Refused to display ‘https://[our-domain].eu.auth0.com/u/login?state=g6Fo2SBrUlE0bzNCSFZDZWpHRDhvSW9xZndnNENlVlB5TGhkeKN0aWTZIFRQOTJsNlJCQWRoSkVCV3BKcS1sYlpJcHJTMnptRk5yo2NpZNkgcjdWVm8zNHdiakxDZTQ1bDJacFA5Y0lyQURMazNkZ0I’ in a frame because an ancestor violates the following Content Security Policy directive: “frame-ancestors ‘none’”.

Is there any way round this?

jerry.job · November 18, 2019, 8:00am

I guess below is the answer?

konrad.sopala · November 18, 2019, 11:36am

Thanks a lot for sharing that with the rest of community @jerry.job!

davestewart · November 19, 2019, 2:59pm

Hi @konrad.sopala and @jerry.job - I’m confused…

…the “solution” above is a link back to this very post - so no solution!

Do you have any perspective on that?

ejaimec · October 30, 2020, 3:23pm

What is the answer? How can be the policy modified in Auth0?

Topic		Replies	Views
Content Security Policy Error During iframe Login (Auth0's solution does not work) Help application , addons	0	392	March 25, 2024
Login page not open in iframe Help iframe	4	9568	February 15, 2020
Auth0 on iframe Help	2	4437	March 18, 2020
During iFrame Login with the New Universal Login Fails with Content Security Policy directive: "frame-ancestors 'none'" Knowledge Articles iframe , silent-auth , silent-authentication	1	353	May 14, 2024
Content Security Policy Error During iframe Login Knowledge Articles	1	478	March 23, 2024

Can't use 2FA login in an iframe

Related Topics