Displaying Foundry Workshops within an iFrame within Salesforce

Samwise_AIP · December 4, 2024, 5:25pm

Hey Folks

My company is a Salesforce shop, and I work in service operations. We’re considering a few vendors for enabling AI in our service workflows and one of the requirements is to keep Salesforce as the front end.

We’re currently using PTC Thingworx as our IoT platform, and displaying dashboards from Thingworx in Salesforce using iFrames. This got me thinking the same would likely be possible with Foundry/AIP.

Is this something that’s been done before?

Does anyone have any experience or advice here?

Looking through documentation I see the reverse is possible, i.e. putting an iFrame in a Workshop to display external content, but I’m not seeing the reverse.

Thanks

Sam

Samwise_AIP · December 4, 2024, 5:30pm

Spoke to soon - seems it is possible

https://www.palantir.com/docs/foundry/administration/embed-foundry-externally

Authentication becomes the next thing to consider… we use SSO for Salesforce so could that auth be used when the foundry workshop is invokved?

nicornk · December 4, 2024, 6:04pm

If Foundry is in an iframe, the regular configured authentication method will be used. If it’s SSO and user is already logged in at the IdP it should be seamless.

Samwise_AIP · December 4, 2024, 6:45pm

Great, thank you Nico

Was good to meet you at Devcon

brentshulman-silklin · December 4, 2024, 8:29pm

To build upon this example, would the following work?

I create an authentication provider in Foundry that points to an auth service (in my case, Auth0). I think this would happen via OIDC? https://www.palantir.com/docs/foundry/authentication/oidc-getting-started/

Within Auth0, I create “enterprise connections,” allowing my users to log in from different organizations via SSO.

I then have a web app (Next.js or something equivalent) that uses that Auth0 application for authentication.

If a user logs in to my web app via the Auth0 application through SSO, and that same Auth0 application is used for Foundry…

…then, if I iframe Foundry into my webapp, the user will not need to take any further action to see Foundry.

Does that work/even make sense?

nicornk · December 4, 2024, 8:41pm

Yes, that makes sense - replace your webapp with Salesforce - same thing.

The login flow will run but since Auth0/Entra AD/… (your IdP) will cache your login it will not really be noticeable to the end-user.

Samwise_AIP · December 5, 2024, 7:51am

Is it also possible to pass context to an externally embedded workshop app?

For instance - having hydrated the ontology with salesforce data including the ticket number for support cases, upon loading that case in salesforce, passing that case number to the workshop to use related content as an input to the app.

nicornk · December 5, 2024, 9:36pm

As a url parameter, yes.

nicornk · December 6, 2024, 9:49am

Quick Update on embedding Slate: I have opened an Issue, it seems the sandbox.html that Slate serves does not return the proper Content Security Policy. Hoping this can be fixed.

Samwise_AIP · December 18, 2024, 7:00pm

Hey Nico, did you get an update on this from Palantir?

nicornk · December 18, 2024, 8:15pm

Yes. Apparently the Control Panel CSP Settings do not propagate to parts of Slate.

The Slate Team was able to set the CSP for the hostnames we provided manually in our stack config. I asked them to fix this but did not get a timeline.

I guess it would help if you also raise this in case you want to use Slate in an iframe.

system · January 1, 2025, 8:16pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.