When you use an Amazon CloudFront/S3-hosted environment with Active Directory Federation Services (ADFS) to create or edit a workflow, you may see a "Browser Not Supported" error.


K2 Workflow Designer’s detection code is unable to determine the browser because the value of the User Agent request header is AmazonCloudFront when using an Amazon CloudFront hosted environment with ADFS. Amazon cloud environments with this configuration do not forward the original header to the origin of the request.

Resolution and Workaround

Configure your CloudFront distributions by using the CloudFront console or the CloudFront API to forward the original header to the origin. See Forwarding Custom Headers to Your Origin for information on how to configure your CloudFront distributions.

Each of your CloudFront distributions contains a list of headers that must be forwarded to the origin server. You can use one of the following options when you configure your distributions:

  • None – This option requests the original behavior, which is using the AmazonCloudFront User Agent header
  • All – This option forwards all headers and disables all caching at the edge.
  • Whitelist – This option gives you full control of the headers to forward. The list is empty and grows as you add more headers. You can add common HTTP headers by choosing them from a list. You can also add custom headers by entering the name. Each header that you add to the list becomes part of the cache key for the URLs associated with the distribution. Adding a header to the list tells CloudFront that the value of the header can affect the content returned by the origin server. You can add the User Agent header to the whitelist which forwards the original header to the origin. You must do this for each distribution.