** Our tech stack**:
- ABP Framework version: v7.2.2
- UI Type: Angular
- Database System: EF Core (PostgreSQL)
- Tiered (for MVC) or Auth Server Separated (for Angular): yes
** Question**: Our platform, which we build upon the ABP framework, serves two scenarios: the user access to functionality via an Angular-based portal that relies upon the backend APIs and offering API access for partners who don't want to use the portal but willing to access functionality we offer via the backend API layer. Now, we're facing another scenario where our clients want some sort of widget which is hosted on our end and can be embedded into their application. Their app is Angular as well. Way back, to fulfill scenarios like this, we used to develop responsive pages that could be embedded in somebody's app as an iFrame. My take on iFrames is simple - these days, this way of integration is treated as insecure. This is the context, and here's the list of questions I have and I hope you guys can help to address them:
- What would be the best approach to widget development? Can it be hosted on our end as an Angular module that others can embed into their applications? Are there any other options to achieve the same result supported by the ABP?
- iFrame integration (yes/no), any concerns or better ways of integrating something like this
- What would be the best way to authenticate clients who embed our widget/component into their apps (given the context above)?
- Is there a way to make this widget (or a set of widgets) client/tenant-specific and manage them as a feature in ABP?
Please advise.
2 Answer(s)
-
0
Thoughts?
-
0
Hi akaziuka,
- We don't have any boilerplate for
iFrame
yet we are not prevent to use it by your own project. Just need to be carefully about security part. - Also you can relate this enhancement with our tenant/feature/setting/permission system because you can reach this values via
PermissionService | *abpPermission directive
andConfigStateService
in anywhere in your project. - If you want to patch our existing modules you need to customize them please check the document
- We don't have any boilerplate for