Workspace One

VMware WS1 Access: Where did iframe settings Go ?!!

If you are using WS1 Access heavily like I do, you would have possibly got a requirement to integrate WS1 Access in an iframe.
That’s a pretty standard request that most likely will be required by application developers to use VMware WS1 Access for authentication as an iframe either in a vendor solution like in my case or in some in-house developed application.

VMware WS1 Access understands such a requirement and started to cover that as a standard configuration starting from 19.03 or later versions of the Workspace ONE Access connector.
Wait a minute! well not every version later than 19.03 has this setting. This is basically why I’m posting this article to show you how to work around this.

I use VMware Workspace One Access 20.10.0.1 Build 17586971, and I had a requirement to integrate my backup solution into our VMware Cloud Director 10.1 UI which requires authentication.
After configuring SAML authentication for my backup solution on WS1 Access and trying to add my VCD URL as an iframe by following VMware Documentation.

Where the heck is the iframe settings ?! I can’t find it as per the VMware documentation!!

Inspecting both pages to see what’s the difference in the code between them shows the below screenshots ..

iframe setting is visible ..
iframe setting is NOT visible …

Alright then, so it looks like the setting is there but for some reason in this version specifically it’s hidden and that’s why it’s not visible and can’t be edited. That also looks like we will have to use postman to update that!

I opened a support case which went to engineering to check the work around and eventually they came back confirming that we need to update that XML section with an API call.

I won’t go through how to use post man or curl to edit the API but I might blog that later in a separate blog.

So back to our topic, what are the API calls that should be posted or put to fix that ? here you go …

  • PUT https://VIDM-URL/SAAS/jersey/manager/api/tenants/settings
  • Headers:
    • Accept: application/vnd.vmware.horizon.manager.tenants.tenant.config.list+json
    • Content-Type: application/vnd.vmware.horizon.manager.tenants.tenant.config.list+json
    • Authorization: HZN <key> –<value of hzn cookie for admin user after admin user logs in>
  • Request Body(This was altered):
{
    "items": [
        {
            "name": "orgEnableXFrameUI",
            "value": "true"
        }
]
}

After performing this PUT API call, the iframe setting is visible again and you can add URLs where you would like to have WS1 Access to do authentication.

Written by,
Mohamed Basha

1 thought on “VMware WS1 Access: Where did iframe settings Go ?!!”

  1. Great help, here’s the full command for the next guy: replace the FQDN with your’s and should be the cookie from a browser session using dev tools.. articles out there for this around increasing max shards if you need some guidence.

    curl -X PUT \
    -H “Accept: application/vnd.vmware.horizon.manager.tenants.tenant.config.list+json” \
    -H “Content-Type: application/vnd.vmware.horizon.manager.tenants.tenant.config.list+json” \
    -H “Authorization: HZN ” \
    -d ‘{
    “items”: [
    {
    “name”: “orgEnableXFrameUI”,
    “value”: “true”
    }
    ]
    }’ \
    https://FQDN.domain.com/SAAS/jersey/manager/api/tenants/settings

Leave a Reply

Your email address will not be published. Required fields are marked *