<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content

Okta Security Knowledge - Trusted Origins for iFrame Embedding

Administration
API Access Management
Okta Identity Engine

Overview

Okta enterprise customers, customers with compliance requirements, and customers who may have taken improper guidance from vendors/partners.

Applies To

  • Trusted Origins for iFrame embedding
  • Okta Identity Engine (OIE)

Solution

By utilizing Trusted Origins for iFrame embedding, trusted origins can embed Okta sign-in pages and Okta resources. This method offers greater security compared to the iFrame Embedding option in Customizations, which is based on x-frame-options. With the Customizations option, any resource might be embedded into any site. However, with Trusted Origins, it is ensured that only trusted origins can embed the resources.

 

Trusted Origins

 

Related References

 

 
Loading
Okta Support - Okta Security Knowledge - Trusted Origins for iFrame Embedding