That's not a cross-oirign issue in the usual sense, it's a "We don't support frames and block them by default" issue, or it's simply down to you blocking third party cookies in your browser. The idp.frameoptions and idp.csp properties control the headers that block frame handling, and we do not recommend changing them. -- Scott