Embedding Issues

Third-Party Cookies

Modern browsers often block third-party cookies, which are essential for services like GoodData when embedded in another website or application. If you disable these cookies, you might have trouble accessing GoodData Portal within an embedded window. Dashboards will not display until you enable third-party cookies in your browser.

When integrating GoodData via an iframe, use a white-labeled GoodData version with a matching domain to your hosting application (e.g., analytics.example.com for example.com). This prevents cookie-related issues and is recommended unless you opt for operations exclusively through the React SDK.

Embedding in Google Chrome

In Version 80, Google Chrome changed the default value of the SameSite cookie.

  • Before Version 80, the SameSite cookie defaulted to None.
  • In Version 80, the default was changed to Lax.

This allows the cookie to be sent only with the top-level navigation. As a result, third-party cookies cannot be set. Because embedding GoodData relies on third-party context, embedded GoodData objects (for example, KPI Dashboards or Analytical Designer) may have become unavailable. To address those changes, we hardcoded the SameSite=None attribute within the GoodData platform.

Some user agents are known to be incompatible with the SameSite=None attribute (for details, see SameSite=None: Known incompatible clients). If you have issues with embedded GoodData objects in Google Chrome, try the following:

For more information, see the following articles:

Embedding in Safari

Safari blocks all third-party cookies by default. GoodData relies on third-party cookies to authenticate users when its offerings are embedded in another web page. Due to the GoodData implementation, Safari views embedded GoodData dashboards as third-party cookies.

If you have issues with embedded dashboards in Safari, navigate to the dedicated resource from your site. This dedicated resource sets a special cookie named GDCCookiesFix with one year validity from the GoodData domain and redirects calls back to your site based on the Referer HTTP header.

Example:

<!doctype html>
<html lang="en">
    <head>
        <meta charset="utf-8">
        <title></title>
        <meta name="copyright" content="Copyright © 2008 - 2019 GoodData Corporation. All rights reserved.">
    </head>
    <body>
        <iframe frameborder="0" src="EMBEDDED_DASHBOARD_LINK" width="100%" height="808px" allowTransparency="false"></iframe>
        <script>
        var createCookie = function(name, value, days) {
            var expires, date;
            date = new Date();
            date.setTime(date.getTime()+(days*24*60*60*1000));
            expires = "; expires="+date.toGMTString();
            document.cookie = name+"="+value+expires+"; path=/";
        };

        var safariFixCookie = "safari_fix";
        var is_safari = /^((?!chrome|android).)*safari/i.test(navigator.userAgent); // safari detection
        if (is_safari) {
            if (document.cookie.indexOf(safariFixCookie) == -1) {
                createCookie(safariFixCookie, 'fixed', 365);
                window.location.replace("https://GOODDATA_URL/cookiesFix.html");
                }
            }
        </script>
    </body>
</html>

If this does not help, explicitly enable third-party cookies in your browser.

Enabling Cookies in Your Browser

Explicitly enable third-party cookies in your browser. For specific instructions in enabling cookies, see user documentation for your browser. Instructions may differ depending on the version of the browser and your operating system.

For more information, see Known Issue: Blocking Cookies May Make Embedded GoodData Inaccessible.

Enabling Partitioned Cookies

Google announced that later in the year 2024, the Google Chrome browser may drop support for third-party cookies, a change explained in this Google blog post. This could pose challenges for users who embed GoodData content within their web apps through iframes, if they did not whitelabel their GoodData domain to be in aligned with their main app’s domain. Up until now, these third-party cookies were key for logging in and accessing GoodData’s features smoothly, and this approach would no longer be possible.

GoodData is adapting to this planned change, by offering the option to use partitioned cookies for iframe embedded content, to maintain functionality without enabling cross-site tracking. This change, recommended by Google, allows GoodData services embedded in applications to save their state in a separate cookie jar, partitioned by the top-level site, ensuring user authentication and content access within the same iframe context

To enable partitioned cookies, see Enable Partitioned Cookies.