SAP Knowledge Base Article - Preview

2912358 - XSUAA login page gets blocked in iframes - SAP BTP Cloud Foundry


  • A Cloud Foundry application is embedded in an iframe. One example is the integration into the SAP Launchpad Service.
  • When opening the application, it gets blocked by the browser with the message: <subdomain>.authentication.<region> refused to connect
  • In the browser console, the following error is logged:  Refused to display <URL> in a frame because it set 'X-Frame-Options' to 'deny'.



SAP BTP, Cloud Foundry environment


SAP BTP, Cloud Foundry runtime and environment all versions


cf uaa xs uaa Customer 360 mashup c4c header Refused to display in a frame because it set 'X-Frame-Options' to 'deny', refused to connect, x-content-security-policy, tile, logon, Invalid domain(s) provided or missing protocol, BTP, Feature Set B, BTP Cockpit, Trust Management, Authorization, Cloud Foundry, CF , KBA , scp , sap cloud platform , BC-CP-CF-SEC-IAM , UAA, Authentication, Authorization, Trust Mgmnt , How To

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.