Using An iframe
If your instance of Flow is going to be included inside an iframe
for your uses - then some custom configuration is required. If you don’t you won’t be able to login inside the iframe
.
Requires Flow build 16.11.4.1 or greater.
Configuration Changes
In your configuration folder of you Flow instance make the following changes:
C:\inetpub\wwwroot\chameleon\Configurations
With the file named
session.settings.config
Create a backup of the file
Edit the file
Replace its contents with the contents from the file
session.settings.iframe.config
With the file named
httpcookies.settings.config
Create a backup of the file
Edit the file
Replace its contents with the contents from the file
httpcookies.settings.iframe.config
You may need to delete the cookies that your browser is caching to allow the new changes to take effect.. The steps for deleting cookies will vary depending on what browser you use.
Clear Your Cookies
If after making these changes you still cannot login - you likely need to clear your cookies. The steps for deleting cookies will vary depending on what browser you use.
Notes
The web.config file references the modified configuration files.
Safari - Permission Required
Safari blocks all third-party cookies by default. To get access to cookies - which we need to even login - we have to use the Storage Access API to request access. That’s after having the user at least click on the site when it’s not framed and create a cookie there.
They describe the requirement here: https://webkit.org/blog/11545/updates-to-the-storage-access-api/
Storage Access API documentation
Storage Access API - Web APIs | MDN
Document: hasStorageAccess() method - Web APIs | MDN
The Storage Access API
More references
Third-Party Cookie Restrictions for Iframes in Safari
Safari 13+ iframe blocks CORS cookies
-- This means that in effect, the existing cookie must also be set on the same exact sub domain.
Cannot set cookie in iframe using the Storage Access API on Safari
Safari Login Process
With version 16.12.5.4 there is a possible Safari login process that will look something like this:
The user will try to login but then will encounter an error at which point a new button will appear:
The user needs to click the Enable Sign In… button which pops up a page from the site which the user is prompted to enable the use of cookies.
When the user clicks the Enable Login button it returns with a message telling them they can now close this window and return to the previous site.
When they return to the original site - they should refresh the page and try to login again. Then they will be prompted to allow cookies.
After they click allow - they need to:
refresh the site again
try to login again
at which point they should be able to successfully login.
Future logins won’t prompt them to redo this for some time. I believe Safari requires the user to have direct access to the original site every 30 days. (This is what the popup “My Authorization” page does for them.
Testing Safari - Reset
If you’ve already tested this process on an iPhone and want to reset it to try again - you have to Clear History.
Settings
Apps
Safari
Clear History and Website Data