-
Hexagon ALI recommends you secure the Web Client with the correct HTTP response headers. You can specify the parent application domains allowed to embed the Web Client and secure the iframe usage by using X-Frame-options and Content Security Policy (CSP).
-
You must add the parent application domain to the server domain allow list.
-
Any queries performed by the parent application are restricted by the role of the user logged into the Web Client.