Refused to display https://login.microsoftonline.com/common/oauth2/ in a frame because it set 'X-Frame-Options' to 'deny'.

[subhendu-de]

I'm submitting a...

• Issue similar to Refused to display in a frame because it set 'X-Frame-Options' to 'deny'. #84

Browser:

• Chrome version 70.0.3538.102

Library version

@azure/msal-angular: 0.1.2

Current behavior

Configure the application to acquire an access token in Google Chrome and used
consentScopes: ["https://litware.onmicrosoft.com/demoApi/user.read"]

where
litware.onmicrosoft.com is the B2C tenant
demoapi is the APP ID URI
user.read is the published scope of the api application

However getting the issue in console - Refused to display "https://login.microsoftonline.com/common/oauth2/............" in a frame because it set 'X-Frame-Options' to 'deny'.

Expected behavior

It should work without any issue

[jsomdev]

Experiencing the same issues... Any reactions possible?

[navyasric]

@subhendu-de, @jsomdev Can you please give details of which type of user account(MSA, twitter, etc) are your trying to authenticate in the B2C tenant when you see this issue?

[navyasric]

@subhendu-de @jsomdev I noticed you are using msal-angular. Can you let us know if your app is creating nested iframes by the way msal is loading? Please check this FAQ topic to see if it helps with x-frame deny issue.

[rick-hayek]

any update? same issue here when trying to integrate editprofile policy. I'm using msal@1.0.1 & latest Chrome.

[rick-hayek]

@navyasric I'm checking the Q6 from FAQ. for the first workaround Specify a different html for the iframe, can you elaborate a little more how it works? I mean how to configure the application in AD and source. I'm trying to update the Reply URL in B2C AD to another valid page, but then it breaks the login.