The following error is displayed due to the embedded iframe not being trusted:
Firefox Can’t Open This Page. To protect your security, {domain}.okta.com will not allow Firefox to display the page if another site has embedded it. To see this page, you need to open it in a new window.
- iFrame
- Firefox
When the widget tries to authenticate to Okta from inside the iframe, Firefox displays the error above.
To resolve this issue, enable iFrame embedding in the Okta Admin Dashboard:
- From the Okta Admin Dashboard, navigate to Customizations > Other > IFrame Embedding.
- Select the checkbox Allow IFrame Embedding.
- Click Save.
For more granular control, disable the Allow IFrame Embedding option and then configure Trusted Origins to allow the specific iframe embed.
Risks of enabling global iFrame embedding:
- Without domain restrictions, malicious sites can embed Okta pages and deceive users into performing unintended actions.
- This setting bypasses the more secure frame-ancestors directive used with Trusted Origins, reducing protection against unauthorized embedding.
- Relying on global embedding may lead to unpredictable behavior across browsers, impacting both usability and security.
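To check which embedding parents a given set of response headers admits, the following added example (not Okta code) evaluates a `frame-ancestors` directive with a fallback to `X-Frame-Options`, and flags policies that place no restriction on the embedder. The function names, the `example.test` origins and the header values are assumptions constructed for illustration; the matcher covers `'self'`, `*` and scheme-plus-host sources and fails closed on anything else.

```javascript
// Added example. Models one level of embedding (a single parent frame).
// Does one CSP source expression match the embedding origin?
function sourceMatches(source, parentOrigin, selfOrigin) {
  if (source === "*") return true;
  if (source === "'self'") return parentOrigin === selfOrigin;
  const m = /^(https?):\/\/(\*\.)?([a-z0-9.-]+)(?::(\d+))?$/i.exec(source);
  if (!m) return false; // 'none' or an unsupported form: fail closed
  const [, scheme, wildcard, host, port] = m;
  const parent = new URL(parentOrigin);
  const defaultPort = scheme.toLowerCase() === "https" ? "443" : "80";
  if (parent.protocol !== scheme.toLowerCase() + ":") return false;
  if ((parent.port || defaultPort) !== (port || defaultPort)) return false;
  const h = host.toLowerCase();
  return wildcard ? parent.hostname.endsWith("." + h) : parent.hostname === h;
}

function framingDecision(headers, parentOrigin, selfOrigin) {
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = v;
  const directive = (h["content-security-policy"] || "")
    .split(";")
    .map((d) => d.trim().split(/\s+/))
    .find((d) => d[0].toLowerCase() === "frame-ancestors");
  if (directive) {
    // frame-ancestors takes precedence over X-Frame-Options when both are sent.
    const sources = directive.slice(1);
    return {
      allowed: sources.some((s) => sourceMatches(s, parentOrigin, selfOrigin)),
      decidedBy: "frame-ancestors",
      unrestricted: sources.includes("*"),
    };
  }
  const xfo = (h["x-frame-options"] || "").trim().toUpperCase();
  if (xfo === "DENY") return { allowed: false, decidedBy: "x-frame-options", unrestricted: false };
  if (xfo === "SAMEORIGIN")
    return { allowed: parentOrigin === selfOrigin, decidedBy: "x-frame-options", unrestricted: false };
  return { allowed: true, decidedBy: "no-header", unrestricted: true };
}

// Constructed header sets, not captured from an Okta org.
const SELF = "https://login.example.test";
const restricted = {
  "Content-Security-Policy": "default-src 'self'; frame-ancestors 'self' https://portal.example.test",
  "X-Frame-Options": "SAMEORIGIN",
};
const sameOriginOnly = { "X-Frame-Options": "SAMEORIGIN" };
console.log(framingDecision(restricted, "https://portal.example.test", SELF));
console.log(framingDecision(sameOriginOnly, "https://portal.example.test", SELF));
```

A result with `unrestricted: true` corresponds to the global-embedding risk listed above: any site can act as the parent frame.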
Related References
- Okta Identity Engine (OIE): Okta Trusted Origins for iFrame embedding
- Okta Classic Engine: Okta Trusted Origins for iFrame embedding Classic
