When an iframe is used to display apps that require authentication from Workspace ONE Access, you must configure the Workspace ONE Access service to display the login pages in the iframe.

In the admin console Settings > Login Preferences page, you add the trusted URL addresses that can display the Workspace ONE Access login pages. When users log in to the app, the Workspace ONE Access service sends an X-Frame-Options HTTP response header that instructs the browser to grant the URL you specify to load itself in the iframe.

Workspace ONE Access Specification for Using iFrames

  • If you are using 19.03 or later versions of the Workspace ONE Access connector, all authentication methods are supported.
  • This feature can be used with Workspace ONE Access 20.01 or later and with Workspace ONE Access Cloud deployments.


  1. Navigate to the Workspace ONE Access console Settings > Login Preferences page.
  2. Click EDIT.
  3. In the URL address from which rendering VMware Workspace ONE Access login pages in iframe is allowed text box, enter the URL address, including the port number that can display the Workspace ONE Access login page. Enter as http://example.com:portnumber.
    Click + to add additional addresses that can be used.
  4. Click Save.
  5. Test each of the URL addresses you configured to confirm that the log in page displays correctly and you can log in.

    To display the login page in the Safari browser, users must deactivate Prevent Cross-Site Tracking in the Safari browser Privacy & Security settings on their devices.

    The login page does not display in the Firefox or Chrome browsers when the page is accessed from an iOS device.