I am writing to request technical assistance with a critical integration I am developing between our Bitrix24 portal (imeclinic.bitrix24.com.tr ) and our n8n.cloud instance (imeclinic.app.n8n.cloud ).
The goal is to use n8n to power a chatbot within the Bitrix24 Open Channels framework. We have successfully configured a Bitrix24 “Local Application,” but we have reached a hard blocker during the setup process.
A required step in the Bitrix24 UI involves opening our n8n instance’s URL within an <iframe> . This action is consistently blocked by the browser, and the developer console shows the following error:
Refused to display 'https://imeclinic.app.n8n.cloud/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
We understand that this is a security feature to prevent clickjacking and that the standard solution is to set the N8N_XFRAME_BYPASS=true environment variable.
However, on our n8n.cloud dashboard, we’ve found that the ability to set Environment Variables is a feature exclusive to the Enterprise plan . We are currently on a Trial plan.
This creates a deadlock: the Bitrix24 integration requires n8n to be rendered in an iframe, but our n8n.cloud plan does not seem to allow the necessary configuration to permit this.
My question is:
Is there any possibility to have the N8N_XFRAME_BYPASS=true setting enabled for our instance on a non-Enterprise plan, even temporarily, to complete our integration setup? If not, is there another recommended workaround for n8n.cloud users to handle this specific X-Frame-Options issue with a trusted partner integration like Bitrix24?
This is the final blocker in our development. Any guidance would be greatly appreciated.