Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,462,702
Community Members
 
Community Events
176
Community Groups

Embedding private boards onto external websites?

IT I'm New Here Jan 25, 2023

I know this question has been placed multiple times during the past five years and more, however no solutions has been found yet.
I know that trello website uses the x-frame protection to prevent click-jacking, however this solution could be left to the end-users, by adapting this configuration per-page and with whitelisted domains. It's technically possible, why it hasn't been discussed so far?
The effort to provide an embedding code during this years is cool, however the current support for the private (non-public) boards is limited to a picture that is merely a "big" clickable icon, the only useful thing you can actually read on it, it's the board name.
Are you investing time for a better solution? Can we hope in something better, or we should give up?

(And yes, I know you can resemble a custom page made via API, but it's a such big task to develop, risking to create more security issues to what this limitation is trying to avoid)

Thanks for the attention.

2 answers

0 votes
milynnus Rising Star Jan 25, 2023

@IT 

You can take a look at Hipporello if you are looking at exposing your board on a webportal. I have used it to build a crm, a webportal to published documentation on a system and a 'store'

0 votes

>however this solution could be left to the end-users

That's the entire reason it has been done - Atlassian don't want to shift the responsibility for having to worry about click-jacking onto people who shouldn't have to worry about it.

IT I'm New Here Jan 25, 2023

They wouldn't, defaulting it as it is now, and adding the option to white-list specific domains won't expose the end user to click-jacking, unless the "hacker" is the owner himself.

Suggest an answer

Log in or Sign up to answer
TAGS

Atlassian Community Events