Integration in company erp #8

MadhuVuppuluri commented 2023年07月18日 08:45:11 +02:00 (Migrated from github.com)

Our company has installed Bookstack in its server.
Now we are trying to integrate this in one of our erp just like Appsmith.
But when we tried to embed the book stack url on erp it is not opening and showing following error Refused to frame 'https://xxxxxxxx.yyy/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
We found out that this particular domain is not allowing access through erp system, while it is working fine for other cases (Appsmith). We even checked the CSP setting, so that the book stack site can be plugged inside erp. But there are no issues there as well.

We also need to understand the login authentication in Bookstack from the erp screen.
As the employees have already logged in once in the erp system so we do not want to ask them to login again to Bookstack.

Our company has installed Bookstack in its server. Now we are trying to integrate this in one of our erp just like Appsmith. But when we tried to embed the book stack url on erp it is not opening and showing following error Refused to frame 'https://xxxxxxxx.yyy/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'". We found out that this particular domain is not allowing access through erp system, while it is working fine for other cases (Appsmith). We even checked the CSP setting, so that the book stack site can be plugged inside erp. But there are no issues there as well. We also need to understand the login authentication in Bookstack from the erp screen. As the employees have already logged in once in the erp system so we do not want to ask them to login again to Bookstack.

ssddanbrown commented 2023年07月18日 11:50:56 +02:00 (Migrated from github.com)

because an ancestor violates the following Content Security Policy directive

You'll likely need to adjust the "Host Iframe Control" setting to allow your BookStack instance to be embedded by the ERP system:
https://www.bookstackapp.com/docs/admin/security/#host-iframe-control

We also need to understand the login authentication in Bookstack from the erp screen.

Depends on what authentication you're using in BookStack. BookStack has it's own user session either way so there needs to be some exchange to log the user in. Not sure how you'd do this seamlessly between systems without extension/modification of the system. Having a shared auth provider for both systems (thinking OIDC/SAML2) could allow quicker and more aligned auth but may still not be seamless depending on settings.

> because an ancestor violates the following Content Security Policy directive You'll likely need to adjust the "Host Iframe Control" setting to allow your BookStack instance to be embedded by the ERP system: https://www.bookstackapp.com/docs/admin/security/#host-iframe-control > We also need to understand the login authentication in Bookstack from the erp screen. Depends on what authentication you're using in BookStack. BookStack has it's own user session either way so there needs to be some exchange to log the user in. Not sure how you'd do this seamlessly between systems without extension/modification of the system. Having a shared auth provider for both systems (thinking OIDC/SAML2) could allow quicker and more aligned auth but may still not be seamless depending on settings.

namannj46 commented 2023年07月24日 10:36:01 +02:00 (Migrated from github.com)

Thank you for integrating this into our screen. We have successfully implemented the login with Google option. However, we are currently facing a challenge in enabling login for our organization's employees. We need assistance in finding a solution that allows users with the same domain name, such as "...@xyz.com," to log in. Can you please help us with this?
Currently i am able to login with google with my own id only

Thank you for integrating this into our screen. We have successfully implemented the login with Google option. However, we are currently facing a challenge in enabling login for our organization's employees. We need assistance in finding a solution that allows users with the same domain name, such as "[...@xyz.com](mailto:...@xyz.com)," to log in. Can you please help us with this? Currently i am able to login with google with my own id only