KB-2065 Embedded interfaces experience authentication issues in Google Chrome version 80 and above

Rebecca Jonas — Mon, 03 Feb 2020 17:24:44 GMT

Current Revision posted to Appian Knowledge Base by Rebecca Jonas on 2/3/2020 5:24:44 PM

This issue has been resolved in an Appian hotfix/new Appian version. Please apply the latest hotfix to your Appian installation or upgrade to the latest version of Appian.

Purpose

The purpose of this article is inform users of an upcoming change to Google Chrome in version 80 that may cause issues with authentication in Appian embedded interfaces. The current release date for Google Chrome version 80 is February 4, 2020. The default behavior change that introduces the potential issues with authentication in Appian embedded interfaces is expected to take effect the week of Feb 17, 2020.

Expected Symptoms

After upgrading to Google Chrome version 80, embedded interfaces hosted on a different domain than Appian may experience authentication issues such as HTTP 401 unauthorized errors or a constant need for re-authentication.

e.g. If the embedded page domain is somedomain.net and Appian is hosted on somepage.somedomain.net, users will not experience any issues.

e.g. if the embedded page domain is somedomain.net and Appian is hosted on somepage.differentdomain.net, users may get a 401 error when trying to login to Appian on the embedded page.

Cause

In Google Chrome version 80, browser cookies for attribute 'SameSite' are treated as 'SameSite=Lax' by default if no SameSite attribute is specified. For more details about Google Chrome's implementation of this change, please see the Google Chrome Status page for this feature.

Appian is aware of this change and has made updates to all supported version of Appian to resolve any issues as a result of it via AN-142514 in the following hotfixes/versions:

Action

Apply the latest hotfix to your Appian installation or upgrade to the latest version of Appian.

If embedded users authenticate using SAML, the SAML configurations will need the cookies sent from the Identity Provider to have the 'SameSite=None; Secure' attributes. Check with the Identity Provider for how to implement this change, if not already in place.

Workaround

Users can use an Appian supported web browser other than Google Chrome.
Users can avoid upgrading Google Chrome to version 80 until the hotfix resolving this issue can be applied.
Users can retain the legacy behavior for cookies in the browser by setting both of these flags to "Disabled"
chrome://flags/#same-site-by-default-cookies
chrome://flags/#cookies-without-same-site-must-be-secure
System administrators can enforce legacy behavior using Enterprise Policies as detailed in this article.

Affected Versions

This article applies to all versions of Appian using Google Chrome version 80 and above as the web browser.

Last Reviewed: February 2020

Tags: web browser, known issues, embedded interfaces, chrome, fixed issues

KB-2065 Embedded interfaces experience authentication issues in Google Chrome version 80 and above

Parmida Borhani — Mon, 03 Feb 2020 05:14:25 GMT

Revision 12 posted to Appian Knowledge Base by Parmida Borhani on 2/3/2020 5:14:25 AM

This issue has been resolved in an Appian hotfix/new Appian version. Please apply the latest hotfix to your Appian installation or upgrade to the latest version of Appian.

Purpose

Expected Symptoms

e.g. If the embedded page domain is somedomain.net and Appian is hosted on somepage.somedomain.net, users will not experience any issues.

e.g. if the embedded page domain is somedomain.net and Appian is hosted on somepage.differentdomain.net, users may get a 401 error when trying to login to Appian on the embedded page.

Cause

Appian is aware of this change and has made updates to all supported version of Appian to resolve any issues as a result of it via AN-142514 in the following hotfixes/versions:

Action

Apply the latest hotfix to your Appian installation or upgrade to the latest version of Appian.

Workaround

Use an Appian supported web browser other than Google Chrome.
Do not upgrade Google Chrome to version 80 until the hotfix resolving this issue can be applied.

Affected Versions

This article applies to all versions of Appian using Google Chrome version 80 and above as the web browser.

Last Reviewed: January 2020

Tags: web browser, known issues, embedded interfaces, chrome, fixed issues

KB-2065 Embedded interfaces experience authentication issues in Google Chrome version 80 and above

Parmida Borhani — Mon, 03 Feb 2020 05:11:52 GMT

Revision 11 posted to Appian Knowledge Base by Parmida Borhani on 2/3/2020 5:11:52 AM

This issue has been resolved in an Appian hotfix/new Appian version. Please apply the latest hotfix to your Appian installation or upgrade to the latest version of Appian.

Purpose

Expected Symptoms

e.g. If the embedded page domain is somedomain.net and Appian is hosted on somepage.somedomain.net, users will not experience any issues.

e.g. if the embedded page domain is somedomain.net and Appian is hosted on somepage.differentdomain.net, users may get a 401 error when trying to login to Appian on the embedded page.

Cause

Appian is aware of this change and has made updates to all supported version of Appian to resolve any issues as a result of it via AN-142514 in the following hotfixes/versions:

Action

Apply the latest hotfix to your Appian installation or upgrade to the latest version of Appian.

Workaround

Use an Appian supported web browser other than Google Chrome.
Do not upgrade Google Chrome to version 80 until the hotfix resolving this issue can be applied.

Affected Versions

This article applies to all versions of Appian using Google Chrome version 80 and above as the web browser.

Last Reviewed: January 2020

Tags: web browser, known issues, embedded interfaces, chrome, fixed issues

KB-2065 Embedded interfaces experience authentication issues in Google Chrome version 80 and above

Rebecca Jonas — Thu, 30 Jan 2020 21:35:38 GMT

Revision 10 posted to Appian Knowledge Base by Rebecca Jonas on 1/30/2020 9:35:38 PM

Purpose

Expected Symptoms

e.g. If the embedded page domain is somedomain.net and Appian is hosted on somepage.somedomain.net, users will not experience any issues.

e.g. if the embedded page domain is somedomain.net and Appian is hosted on somepage.differentdomain.net, users may get a 401 error when trying to login to Appian on the embedded page.

Cause

Appian is aware of this change and is working to make updates to all supported version of Appian to resolve any issues as a result of it. The reference number for this issue is AN-142514.

Action

Apply the latest hotfix once available.

Workaround

Use an Appian supported web browser other than Google Chrome.
Do not upgrade Google Chrome to version 80 until the hotfix resolving this issue can be applied.

Affected Versions

This article applies to all versions of Appian using Google Chrome version 80 and above as the web browser.

Last Reviewed: January 2020

Tags: web browser, known issues, embedded interfaces, chrome, open issues

KB-2065 Embedded interfaces experience authentication issues in Google Chrome version 80 and above

Parmida Borhani — Tue, 28 Jan 2020 23:35:29 GMT

Revision 9 posted to Appian Knowledge Base by Parmida Borhani on 1/28/2020 11:35:29 PM

Purpose

Expected Symptoms

e.g. If the embedded page domain is somedomain.net and Appian is hosted on somepage.somedomain.net, users will not experience any issues.

e.g. if the embedded page domain is somedomain.net and Appian is hosted on somepage.differentdomain.net, users may get a 401 error when trying to login to Appian on the embedded page.

Cause

Appian is aware of this change and is working to make updates to all supported version of Appian to resolve any issues as a result of it. The reference number for this issue is AN-142514.

Action

Apply the latest hotfix once available.

Workaround

Use an Appian supported web browser other than Google Chrome.
Do not upgrade Google Chrome to version 80 until the hotfix resolving this issue can be applied.

Affected Versions

This article applies to all versions of Appian using Google Chrome version 80 and above as the web browser.

Last Reviewed: January 2020

Tags: web browser, known issues, embedded interfaces, chrome, open issues

DRAFT KB-XXXX Embedded interfaces experience authentication issues in Google Chrome version 80 and above

Parmida Borhani — Tue, 28 Jan 2020 06:38:41 GMT

Revision 8 posted to Appian Knowledge Base by Parmida Borhani on 1/28/2020 6:38:41 AM

Purpose

Expected Symptoms

e.g. If the embedded page domain is somedomain.net and Appian is hosted on somepage.somedomain.net, users will not experience any issues.

e.g. if the embedded page domain is somedomain.net and Appian is hosted on somepage.differentdomain.net, users may get a 401 error when trying to login to Appian on the embedded page.

Cause

Appian is aware of this change and is working to make updates to all supported version of Appian to resolve any issues as a result of it. The reference number for this issue is AN-142514.

Action

Apply the latest hotfix once available.

Workaround

Use an Appian supported web browser other than Google Chrome.
Do not upgrade Google Chrome to version 80 until the hotfix resolving this issue can be applied.

Affected Versions

This article applies to all versions of Appian using Google Chrome version 80 and above as the web browser.

Last Reviewed: January 2020

Tags: web browser, known issues, embedded interfaces, chrome, open issues

DRAFT KB-XXXX Embedded interfaces experience authentication issues in Google Chrome version 80 and above

Zach Puderbach — Mon, 27 Jan 2020 22:41:14 GMT

Revision 7 posted to Appian Knowledge Base by Zach Puderbach on 1/27/2020 10:41:14 PM

Purpose

Expected Symptoms

e.g. If the embedded page domain is somedomain.net and Appian is hosted on somepage.somedomain.net, users will not experience any issues.

e.g. if the embedded page domain is somedomain.net and Appian is hosted on somepage.differentdomain.net, users may get a 401 Error on trying to login to Appian on the embedded page.

Cause

Appian is aware of this change and is working to make updates to all supported version of Appian to resolve any issues as a result of it. The reference number for this issue is AN-142514.

Action

Apply the latest hotfix once available.

Workaround

Use an Appian supported Web Browser other than Google Chrome.
Do not upgrade Google Chrome to version 80 until the hotfix resolving this issue can be applied.

Affected Versions

This article applies to all versions of Appian using Google Chrome version 80 and above as the Web Browser.

Last Reviewed: January 2020

Tags: web browser, known issues, embedded interfaces, open issues

DRAFT KB-XXXX Embedded interfaces experience authentication issues in Google Chrome version 80 and above

Zach Puderbach — Mon, 27 Jan 2020 20:59:20 GMT

Revision 6 posted to Appian Knowledge Base by Zach Puderbach on 1/27/2020 8:59:20 PM

Purpose

Expected Symptoms

e.g. Page domain is somedomain.net and Appian is hosted on <somepage>.somedomain.net => Users will not experience any issues.

e.g. Page domain is somedomain.net and Appian is hosted on <somepage>.differentdomain.net => Users may get a 401 Error on trying to login to Appian on the embedded page.

To preemptively determine how a specific embedded interface implementation may be affected prior Google Chrome version 80 release, users can test with Google Chrome Canary, Google Chrome's nightly and most recent build.

Cause

Appian is aware of this change and is working to make updates to all supported version of Appian to resolve any issues as a result of it. The reference number for this issue is AN-142514.

Action

Apply the latest hotfix once available.

Workaround

Use an Appian supported Web Browser other than Google Chrome.
Do not upgrade Google Chrome to version 80 until the hotfix resolving this issue can be applied.

Affected Versions

This article applies to all versions of Appian using Google Chrome version 80 and above as the Web Browser.

Last Reviewed: January 2020

Tags: web browser, known issues, embedded interfaces

DRAFT KB-XXXX Embedded Interfaces experience authentication issues in Google Chrome version 80 and above

Zach Puderbach — Mon, 27 Jan 2020 17:10:43 GMT

Revision 5 posted to Appian Knowledge Base by Zach Puderbach on 1/27/2020 5:10:43 PM

Purpose

The purpose of this article is inform users of an upcoming change to Google Chrome in version 80 that may cause issues with authentication in embedded interfaces. The currently set release date for Google Chrome version 80 is February 4th.

Expected Symptoms

e.g. Page domain is somedomain.net and Appian is hosted on <somepage>.somedomain.net => Users will not experience any issues.

e.g. Page domain is somedomain.net and Appian is hosted on <somepage>.differentdomain.net => Users may get a 401 Error on trying to login to Appian on the embedded page.

Cause

Appian is aware of this change and is working to make updates to all supported version of Appian to resolve any issues as a result of it. The reference number for this issue is AN-142514.

Action

Apply the latest hotfix once available.

Workaround

Use an Appian supported Web Browser other than Google Chrome.
Do not upgrade Google Chrome to version 80 until the hotfix resolving this issue can be applied.

Affected Versions

This article applies to all versions of Appian using Google Chrome version 80 and above as the Web Browser.

Last Reviewed: January 2020

Tags: web browser, known issues, embedded interfaces

DRAFT KB-XXXX Embedded Interfaces behave unexpectedly in Google Chrome version 80 and above

Zach Puderbach — Mon, 27 Jan 2020 17:01:00 GMT

Revision 4 posted to Appian Knowledge Base by Zach Puderbach on 1/27/2020 5:01:00 PM

Purpose

Expected Symptoms

After upgrading to Google Chrome version 80, embedded interfaces within Appian may experience authentication issues such as HTTP 401 unauthorized errors or constant need for re-authentication.

Cause

Appian is aware of this change and is working to make updates to all supported version of Appian to resolve any issues as a result of it. The reference number for this issue is AN-142514.

Action

Apply the latest hotfix once available.

Workaround

Use an Appian supported Web Browser other than Google Chrome.

Affected Versions

This article applies to all versions of Appian using Google Chrome version 80 and above as the Web Browser.

Last Reviewed: January 2020

Tags: web browser, known issues, embedded interfaces

DRAFT KB-XXXX Embedded Interfaces behave unexpectedly in Google Chrome version 80 and above

Zach Puderbach — Mon, 27 Jan 2020 16:57:17 GMT

Revision 3 posted to Appian Knowledge Base by Zach Puderbach on 1/27/2020 4:57:17 PM

Purpose

Expected Symptoms

After upgrading to Google Chrome version 80, embedded interfaces within Appian may experience authentication issues such as HTTP 401 unauthorized errors or constant need for re-authentication.

Cause

Appian is aware of this change and is working to make updates to resolve any issues as a result of it. The reference number for this issue is AN-142514.

Action

Apply the latest hotfix once available.

Workaround

Use an Appian supported Web Browser other than Google Chrome.

Affected Versions

This article applies to all versions of Appian using Google Chrome version 80 and above as the Web Browser.

Last Reviewed: January 2020

Tags: web browser, known issues, embedded interfaces

DRAFT KB-XXXX Embedded Interfaces behave unexpectedly in Google Chrome version 80 and above

Zach Puderbach — Mon, 27 Jan 2020 16:47:15 GMT

Revision 2 posted to Appian Knowledge Base by Zach Puderbach on 1/27/2020 4:47:15 PM

Purpose

Expected Symptoms

After upgrading to Google Chrome version 80, embedded interfaces within Appian may experience authentication issues such as HTTP 401 unauthorized errors or constant need for authentication.

Cause

In Google Chrome version 80, browser cookies for attribute 'SameSite' is treated as 'SameSite=Lax' by default if no SameSite attribute is specified. For more details about Google Chrome's implementation of this change, please see the Google Chrome Status page for this feature.

Appian is aware of this change and is working to make updates to resolve any issues as a result of it. The reference number for this issue is AN-142514.

Action

Apply the latest hotfix once available.

Workaround

Use an Appian supported Web Browser other than Google Chrome.

Affected Versions

This article applies to all versions of Appian using Google Chrome version 80 and above as the Web Browser.

Last Reviewed: January 2020

Tags: web browser, known issues, embedded interfaces

DRAFT KB-XXXX Embedded Interfaces

Zach Puderbach — Mon, 27 Jan 2020 16:41:14 GMT

Revision 1 posted to Appian Knowledge Base by Zach Puderbach on 1/27/2020 4:41:14 PM

Purpose

Expected Symptoms

After upgrading to Google Chrome version 80, embedded interfaces within Appian may experience authentication issues such as HTTP 401 unauthorized errors or constant need for authentication.

Cause

Action

This is being tracked in AN-142514. Apply the latest hotfix once available.

Workaround

Use a Appian supported Web Browser other than Google Chrome,

Affected Versions

This article applies to all versions of Appian using Google Chrome version 80 and above as the Web Browser..

Last Reviewed: January 2020

Tags: web browser, known issues, embedded interfaces