Zendesk does not allow iframing of Zendesk due to the inherent security risks involved in iframing a web application.
The security risk, UI Redressing, or, as it's more commonly known, "clickjacking", is a class of attack that uses an iframe element on a web page that is actually overlaying another website.
As in the example described in this blog post, users can be lured into thinking that they are accessing a separate website when in fact they are allowing the hacker into a website they've already logged into (their online banking account, for example).
Zendesk prevents the iframing of Zendesk by setting an HTTP header (X-Frame-options) to SAMEORIGIN for all server responses. This policy took effect on June 30th, 2013.
18 comments
Christian
Has anyone found a work around to being able to embed a zendesk arcticle/help center into another app/website using iFrame?
0
Viktor Kemenczei
We experience the same problem where the iframe source code doesn't display in Zendesk Guide articles. After a little research, I have found that iframe embedding actually possible, although only from authorised domains. I'm unsure how to get your domains authorised by Zendesk, but it's worth a try reaching out to them.
Source article:
https://support.zendesk.com/hc/en-us/articles/4408824584602#topic_bjj_r4x_kxb__section_t4m_rrx_kxb
See the screenshot of the section below:
0
David-Alex West
Allie Cliffe I'd assume a ship this big is like steering an island. I have fingers crossed and workarounds ready, waiting for the future.
0
Allie Cliffe
David-Alex West I suspected that was true, but figured it didn't hurt to put a word in with Zendesk support. I suppose it's hard to move such a big ship, even if the direction is a good one.
0
David-Alex West
Allie Cliffe My team has tried every variation we can think of for making this work. It will not. The function is not allowed because of a blanket security policy regarding access through iFrames. We can integrate chat but the articles that we want to have viewed within our environment will ALWAYS link out, away from our product, to an additional log in screen because our KB is gated. I don't see it changing anytime soon. This has been asked for in different ways for so long and no updates or answers are being given for paths forward. Only "no's".
0
Allie Cliffe
My team is developing an online course (Intro to Data Tables in Leanpub), and we would love to embed our Zendesk support docs as iFrames instead of linking out to in the content a different tab or (worse) repeating the content in Leanpub.
Is there any way to allow iframes to reference Zendesk for specific instances (IP addresses)?
0
David-Alex West
We have the guide articles integrated as a repository within a third party widget on our product already. They require an iFrame compatible URL to integrate the chat functionality. Is this possible?
1
Dave Dyson
0
Operations Support
Its cool how ppl snake in with a pretty solution post after its been solved - where do i get those "Zendesk Pro" badges?
0
Viktor Osetrov
Thanks a lot for your question. As we know iframe is not allowed. The reason - is due to the inherent security risks involved in iframing a web application.
However, did you try to use iframe app https://www.zendesk.com/marketplace/apps/support/1/iframe/ ?
The alternative way is to use API for updating your help center - https://developer.zendesk.com/api-reference/help_center/help-center-api/introduction/
Hope it helps
0
Sign in to leave a comment.