Article - CS301511
Unable to embed a ThingWorx mashup in iFrame in SSO setup of ThingWorx
Modified: 20-Mar-2024
Applies To
- ThingWorx Platform 8.3 SP1 to 9.4
- Windchill PDMLink 12.1
- PingFederate
Description
- Unable to load the mashup in iFrame when SSO is enabled for ThingWorx
- Browser error console reports that X-Frame-Options are set to SAMEORIGIN or DENY
- Error in console:
Refused to display <ThingWorx URL used in Iframe> in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'". The Loading of "https://<FQDN>/sp/ACS.saml2" in a frame is denied by "X-Frame-Options" directive set to "SAMEORIGIN"
- Error in Console logs related to PingFederate URL:
Refused to display "https://<FQDN>/sp/ACS.saml2" in a frame because it set "X-Frame-Options" to "SAMEORGIN"
- Error in Console:
Refused to display <ThingWorx URL used in iFrame> in a frame because an ancestor violates the following Content Security Policy directive: "<URL>'"
- Error in iFrame:
<Browser> can't open this page
This is a printer-friendly version of Article 301511 and may be out of date. For the latest version click CS301511