Avoiding third-party cookies with custom domain

abcdef · July 3, 2024, 6:29pm

I want to enable silent token refresh on Firefox and Safari, which block many third-party cookies.

Currently, my domains are setup like this:

These share an SLD (example.org); does this mean that the app will have access to the appropriate Auth0 cookies?

Do I need to change my DNS entries to get this working?

ty.frith · July 3, 2024, 10:02pm

Hey there @abcdef welcome to the community!

With a custom domain in place your app will have access to necessary cookies while being able to avoid the use third party cookies.

There are minor steps you need to take to essentially verify your domain - It depends on if you plan to use Auth0-Managed certificates or self-managed certificates.

Topic		Replies	Views
Custom Domain to avoid third party cookie blocked Get Help sessions , authentication-sessions	2	166	September 30, 2024
Auth0 and app hosted under parent domain. Is it still 3rdparty cookie? Get Help sso , application , cross-origin-authentication , protocols	0	1751	December 2, 2022
Custom login sub-domain with applications on sibling domains Get Help custom-domain	4	4027	May 13, 2020
Authorize without IFrame when on Custom domain Get Help custom-domain	2	4339	July 13, 2020
Multiple domains : third party cookies? Get Help third-party	4	6029	September 30, 2019