I'm building out a bunch of Enterprise Site pages that have an embedded Ops-Dashboards. When we access the site page, we are prompted to login to the site (expected and good) and then login again to the dashboard - not excepted and not good. And even when the site page opens again in a new tab, the site has a cached login and opens the page without the login prompt but still prompts for the login on the dashboard. This seems like a bad workflow and users are definitely not going to like it. Is there a bug? Is there specific way to embedded secure content into the site page so it doesn't require two logins?
- Version 10.7
- Separate portal/server and web-adapter machines
- Site and dashboard are on the same portal:
- Chrome/Edge/Firefox all display the same behavior.
- Invalid 'X-Frame-Options' header encountered when loading ... 'ALLOW-FROM https://server' is not a recognized directive. The header will be ignored.
Seems similar to this: https://community.esri.com/thread/87825 and could be that there's a new header requirement: https://stackoverflow.com/questions/30731290/how-to-set-x-frame-options-allow-from-in-nginx-correctly