Why are third party cookies required for checkSession?

After following up with our support team they were able to break it down clearly:

Normally auth0.js runs on your domain e.g. contoso.com which is different from the auth0.com domain. So the iframe is created in your app and calling auth0.com which sets a a cookie that’s considered as a third party cookie.

Please let me know if this helps clear things up, thanks!