Is it possible to embed AppSheet in iFrame when (Google) Authentication option enabled for an app?
I get the following error if I try to use iframe:
Refused to display 'https://www.appsheet.com/Account/Login?returnUrl= snip/snip/snip' in a frame because it set 'X-Frame-Options' to 'DENY'.
It’s blocked by most OAuth providers because the OAuth standard itself says not to allow login via iframe:
[Custom Domain/URL/Branding Hi all, am new he...](https://community.appsheet.com/t/custom-domain-url-branding-hi-all-am-new-he/2475/15) Questions
The OAuth2 web standard recommends avoiding iframes for authentication, so most web services are going to block it. 10.13. Clickjacking In a clickjacking attack, an attacker registers a legitimate client and then constructs a malicious site in which it loads the authorization server’s authorization endpoint web page in a transparent iframe overlaid on top of a set of dummy buttons which are carefully constructed to be placed directly under important buttons on the authorization page. When …
Thank you, that makes sense now.
Does anyone know a workaround for restricting the access to the app and using the iframe at the same time? I basically need to restrict access and embed the app on our school site.