How to display NinTex Widget in SharePoint online modern page

  • 13 March 2019
  • 8 replies

Badge +3

We have a SharePoint Online classic page.

It contains two pageviewer webparts, one links to<ourCompany>/sharepoint/widget.aspx?notifications=true&logo=true&recent=true&favourites=true&search=true&width=-1
And the other links to<ourCompany>/Dashboard/Governance


We are transitioning to Modern SharePoint pages for our content (which use the SPFx framework, so we can't use the old webparts).

In modern sharepoint pages the Embed webpart should achieve the same function...... BUT even though we have enabled "Site settings/Html field security" to allow embeds from the Modern SharePoint pages won't accept the URLs above.

Does anyone at Promapp or in the forum know how to make this work ?

We suspect that there is something on the Promapp end which is causing the modern sharepoint page Embed webpart to fail and not allow the URLs to be used. Possibly too many redirects or some other non-obvious issue.

Your help would be appreciated.

Many thanks


Best answer by jamesRoss 17 March 2019, 22:24

View original

8 replies

For the Promapp pages, you are best to use the iframe to display them on your SharePoint pages.


Try the following code:

<iframe width="260" height="190" src="<yourcompany>/Sharepoint/Widget.aspx?notifications=true&search=true&recent=true&favourites=false" frameborder="0" allowfullscreen></iframe>

Badge +3

Hi @jamesRoss 

Thanks for the post.

I'd tried something similar but your iFrame syntax worked on a SharePoint Online Modern page.

The only thing that might have helped is that the "Site settings/Html field security" for the site collection the page is in may not have had time to synchronise, and it may be that which was causing my issue.


Anyway - we've not got a modern sharepoint page with a iframe in it.


Many thanks

Badge +3

We'll we've revisited this again 3 years on.

Same problem , no resolution.

The SharePoint Online Modern page Embed web part rewrites the URL of the iframe from

<iframe width="200" height="394" src=""></iframe>


<iframe width="200" height="394" src=";notifications=true&amp;search=true&amp;recent=true"></iframe>

If you attempt to go to;notifications=true&amp;search=true&amp;recent=true

It only displays the NinTex Promapp logo.

From the ProductTeam it would be great if you changed the code of widget.aspx just a little to interpret this URL (mangled by Microsoft) or gave us another way to pass the same info to the widget.aspx page.

Similar issues here, can’t get it to work. Logged a case with support and no help yet. Will share if I ever get it solved, please do the same :-)

Badge +3

Hi @TonyaJean @jamesRoss 

One of our Infrastructure guys has looked into why the 

<iframe width="200" height="394" src=";notifications=true&amp;search=true&amp;recent=true"></iframe>

When put into the Embed webpart in a Modern SharePoint page doesn’t work.

What he found was that the SharePoint page iframe goes into a never ending loop going to Authenticate ASPX (you can see this in the Developer mode of Chrome).

More specifically he found that the site is sending the following http header is set as follows    ‘X-Frame -Options SameOrigin’ . This means if our Iframe was on a page on it would work fine. He said there used to be 3 x-frame options but that one of them was removed from IIS some time ago meaning now the only options are Deny or SameOrigin. The other option would be for NOT to send the X-Frame header at all which may or may not solve the problem for us.


SO my challenge to the Promapp Product team - recreate this issue, and help us out with a solution.

NOTE this only happens for the /SharePoint/widget.aspx include NOT the other includes with minimode in their urls.


Full quote of what my internal infrastructure staff member sent me

Testing has shown the issue relates to a remote server configuration hosted by Promapp. Response headers indicate they have set the 'X-Frame -Options' to 'SameOrigin'. This is a Cross-Origin Resource Sharing(CORS) security mechanism, which explicitly prevents the browser from requesting resources, unless they come from the same origin/domain that tries to load them. This results in a redirect loop when the iframe is embedded in SharePoint, or any externally hosted domain/website.

I reported the issue to support. After closing my request with no solution, I reopened it and got an explanation that you can’t use Promapp/Process Manager content on modern SharePoint pages with SSO, and there are no plans to make it work. Not a completely accurate response, and not particularly helpful. Disappointing, to say the least.

Badge +3

@TonyaJean thanks for your reply.

Yes, I’ve asked this question of them several times over the past couple of years and at no stage have I had anyone even remotely sound like Nintex is interested in making it work for SharePoint online. As you say disappointing, when the expectation is  that we keep paying our fees, but the development of the product seems to be on the back burner.

Badge +3

Hi @TonyaJean  and @jamesRoss , well 4 years on, and after logging a ticket with Nintex in November 2022 I got an email from the support team today saying.

Hi Dorje,

The dev team has fixed the defect. Can you please check now and let me know if it's resolved from your end?

So I did test it and using the Embed webpart on a Modern SharePoint page does now work (for users logged into Promapp).

For me the following iframe codes now work within embed webparts in a SharePoint online page:

<iframe width="200" height="200" src="" tabindex="0" allowfullscreen=""></iframe>


<iframe width="300" height="350" src=""></iframe>


NOTE to make these work I had to change one setting in our intranet site. 

  • go to site information
  • click All site settings
  • click on html field security
  • in the "allow iframes from this domain" list add in


Many thanks to the Dev Team for making this possible for those of us who have moved to SharePoint online.