iFrame Whitelist Configuration

New
  • 1 minute(s) read
Prev Next

The IFrame Whitelist Configuration feature in allows administrators to manage secure embedding of ProcessMaker content, such as forms and screens, across different domains. By implementing configurable security settings, organizations can ensure compliance with best practices and minimize risks of unauthorized access.

This configuration enhances flexibility, enabling administrators to define which external domains are permitted to embed ProcessMaker content within an iframe, thus aligning with enterprise security policies and cross-origin requirements.

Key Features & Benefits

  • Enhanced Security: Blocks unauthorized embedding of ProcessMaker forms and screens.

  • Compliance Ready: Aligns with security protocols like CSP and X-Frame-Options.

  • Configurable Controls: Allows defining specific trusted domains for embedding.

View and Manage Whitelisted Domains

The iFrame Whitelist Configuration includes a search and list table to help administrators quickly locate and manage authorized domains.

Follow the next steps to search and manage entries:

  1. Ensure that you are logged on to ProcessMaker Platform.

  2. Click the Admin option from the top menu. The Users page displays.

  3. Click the Settings icon from the left sidebar to view all settings.

  4. From the Settings panel on the left, expand the Log-In & Auth section.

  5. Select the iFrame Whitelist Config section to view the following details:

    1. Name: The Name column displays the name of the domain.

    2. Links: The Links column displays the URL parents for embedding.

    Whitelisted Domains.png

  6. To search for an entry, enter keywords (e.g., domain name or URL) in the Search bar.

  7. The table will automatically filter results based on your input.

  8. To manage current entries:

    1. Click Edit to update the domain’s name or URL.

    2. Click Copy to Clipboard to copy the domain’s name or URL.

    3. Click Clear to delete the domain’s name or URL.

Add a URL to the iFrame Whitelist

To add a URL to the IFrame Whitelist, follow the next steps:

  1. Ensure that you are logged on to ProcessMaker Platform.

  2. Click the Admin option from the top menu. The Users page displays.

  3. Click the Settings icon from the left sidebar to view all settings.

  4. From the Settings panel on the left, expand the Log-In & Auth section.

  5. Next to the Search bar above the list table, click +Add URL.

  6. Add the Site Name and URL of the trusted domain allowed to embed ProcessMaker content.

  7. Click Create. This creates a whitelist of domains authorized for embedding.