Try these, it should work for different browsers.
https://blog.atwork.at/medium.aspx?id=c14c3ae3-3aba-429d-a748-b74283dbd463&date=/post/2020/09/13/
Note : You can use Firefox to get it worked rather edge.
Happy SharePointing!! :)
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hi All,
I have an enterprise application integrated with Azure AD using SAML SSO. Also, all the users in the tenant has MFA and SSPR enabled with few users yet to configure their SSPR.
Architecture of application:
Enterprise app is similar to an appstore where we have links to many sub apps. Upon clicking a sub app, an iframe loads with in the Home page and inside that iframe, we are loading the sub app. So whenever the user who has not configured the SSPR tries to login, it will always redirect to the configuration page and they usually skips the setup and lands on the home page. And now the same user clicks on the sub app and when the sub app gets opened in an iframe, we will see an error message saying login.microsoftonline refused to connect.
Can someone share your thoughts here. Is it because we opening the sub app in iframe. I can see in network trace that , the sub app is also redirecting to login.microsoftonline for the sspr setup. Please share your though to avoid this situation.
Thank you
Diljith.
Try these, it should work for different browsers.
https://blog.atwork.at/medium.aspx?id=c14c3ae3-3aba-429d-a748-b74283dbd463&date=/post/2020/09/13/
Note : You can use Firefox to get it worked rather edge.
Happy SharePointing!! :)
I would look in the developer tools when the iframe is loading and see why it is blocked. I suspect the site either has an x-frame-option or content-security-policy which is preventing the site being loaded in an iframe.
@Diljith PC Thanks for reaching out and apologies for delay on this.
Due to the popularity of clickjacking on the internet, it is common to prevent login pages from being display inside frames. The X-FRAME-Options meta tag in HTML makes it easy for providers to implement this safeguard on a widespread or domain/origin-specific basis.
So as your page sends the request for login before doing SSPR it would fail.
Can you try popups/add-in communication via web sockets in your app to handle the login request.
Read more here : https://learn.microsoft.com/en-us/archive/blogs/richard_dizeregas_blog/connecting-to-office-365-from-an-office-add-in#mastering-the-popup
-----------------------------------------------------------------------------------------------------------------
If the suggested response helped you resolve your issue, please do not forget to accept the response as Answer and "Up-Vote" for the answer that helped you for benefit of the community
Did you manage to solve this issue ? we are having the same issue and struggling for the solution.
Please help if you managed to resolve it.
-Sudhir.