When an iframe is used to display apps that require authentication from Workspace ONE Access, you must configure the Workspace ONE Access service to display the login pages in the iframe.

In the Identity & Access Management Preferences page, you add the trusted URL addresses that can display the Workspace ONE Access login pages. When users log in to the app, Workspace ONE Access sends an X-Frame-Options HTTP response header that instructs the browser to grant the URL you specify to load itself in the iframe.

Workspace ONE Access Specification for Using iFrames

  • If you are using 19.03 or later versions of the Workspace ONE Access connector, all authentication methods are supported.
  • If you are using a connector version earlier than 19.03, Password, RADIUS, RSA SecurID, and Kerberos authentication methods are not supported.
  • This feature can be used with Workspace ONE Access 20.01 or later and with Workspace ONE Access Cloud deployments.

Procedure

  1. In the Workspace ONE Access console, Identity & Access Management tab, click Preferences.
  2. In the URL address from which rendering VMware Workspace ONE Access login pages in iframe is allowed text box, enter the URL address, including the port number that can display the Workspace ONE Access login page. Enter as http://example.com:portnumber.
    Click + to add additional addresses that can be used.
  3. Click Save.
  4. Test each of the URL addresses you configured to confirm that the log in page displays correctly and you can log in.

    To display the login page in the Safari browser, users must disable Prevent Cross-Site Tracking in the Safari browser Privacy & Security settings on their devices.

    The login page does not display in the Firefox or Chrome browsers when the page is accessed from an iOS device.