Is there any way to get in touch with tech to whitelist a website to allow for iframing the VATSIM Connect auth.vatsim.net solution?
Or have another suggestion on how to make use of auth.vatsim.net in this solution:
For security reasons, auth.vatsim.net is not embeddable in an iframe.
What exactly are you trying to do? We can work towards a solution from there.
2 Likes
Hi, thanks for your help!
We’re trying to let the user of VatIRIS (https://vatiris.se) access some documents on the VATSIM Scandinavia Wiki, embedded within an iframe within a Winbox.js window. The VATSCA Wiki requires VATSIM authentication…
If you’d like to see it in action, go to https://vatiris.se and click “Wiki” in the top menubar. Iframing the wiki works, but authenticating doesn’t.
Would it be a better solution to require VATSIM authentication for the entire site (we might want that anyway) and then somehow pass the authentication token along to the VATSCA Wiki (if that’s even possible)?
It does sound like gating the whole site behind auth makes sense.
As for the wiki integration, an idea: you could pass some sort of token (JWT?) between VatIRIS and VATSCA Wiki to authenticate the iframe. The two applications would have a shared secret on the backend for verification.
1 Like