Issues embedding a Shiny App in an iFrame


There are some use cases where you may want to embed a shiny app hosted on RStudio Connect, in an iFrame on another domain. This can be tricky if your users need to authenticate with Connect to be able to see the content - embedding on a different domain has the potential to cause issues.

This may result in infinite loops when users attempt to log in, resulting in the inability to view the content embedded within the iFrame.


Is there a solution?

Yes! To resolve this, you can implement the configuration options below into your /etc/rstudio-connect/rstudio-connect.gcfg configuration file:

SameSite = None
ForceSecure = True

More information on these settings can be found here:

The Server.SameSite directive will contain the value of the SameSite option present in the cookies used by RStudio Connect. By default, SameSite will not be present in the cookies.

The HTTP.ForceSecure option will mark cookies secure on its unsecured connection. This option should be used when RStudio Connect is behind a secure proxy.


Support Ticket

If you still have issues after completing the above, you can always lodge a support ticket, where our group of friendly, and incredibly knowledgeable staff can assist with any issues that you may be having. You can submit a ticket here: