Custom authentication iframe timeout issue


#1

Hello,

I have a custom authentication that uses ADFS to authenticate users. It works fine, except that the user will have sso experience for 8 hours. So if there is no activity for 8 hours, the user will be challenged to authentication again.

This challenge redirects the user to another page to authenticate. The problem is that the redirect occurs in an iframe and ADFS blocks iframe with error: Load denied by X-Frame-Options.

Is there a solution to this problem?

Thanks,

Gabriel


#2

I was able to do this using a separate cookie when authentication passed on ADFS. This way, the user will remain authenticated until they close the browser.

If anyone is interested in the details, please contact me.

Thanks


#3

Hi @ParadimeWeb,

ADFS 3 (2016) doesn’t support IFRAME based authentication. ADFS 2019 offers an option to manage x-frames-option http header. We are working on a solution for ADFS 3 (2016). Feel free to send us more details about your cookie based solution.

Regards,
Eddy.