Cross-origin authentication(CORS) doesn't work when third-party cookies are disabled in Microsoft Edge

Problem statement

We followed the document here:

to configure CORS. When we tested in Microsoft Edge under Block third-party cookies mode, cross-origin authentication didn’t work

Solution

The cross-origin verification page provides a fallback for browsers with 3rd party cookies disabled, which now only works with IE as of today, as newer, Chromium-based Edge browsers are sandboxing cookies and local storage. That is why, the verification page code fails as it can’t get the verifier key at runtime. Because of this, our documentation has been updated to remove Edge as a supported browser for the verification page fallback.

We do not recommend using cross-origin flows in general, and Universal Login should be leveraged wherever possible.