Guardian MFA in custom domain failing when 3rd party cookies disabled

Hi all,

I am attempting to use Guardian multi-factor authentication (via SMS) in my application. When 3rd party cookies are disabled (such as by default in Safari) the MFA fails with the error message “WE CANNOT CONNECT TO REAL TIME CHANNEL”. This is because it is trying to set a cookie from a different domain “*.au.auth0.com” than my application.

Fair enough, this is the reason that custom domains are supported. But I have now registered a custom domain “auth.my_project.com” with a CNAME pointing to my auth0 domain. And unfortunately Guardian MFA still fails with the same error message. My browser tells me that the page is still trying to set cookies from “auth0.com” and “my_project.guardian.au.auth0.com”. The URL of the actual current page does show correctly as “auth.my_project.com” at least.

Do I have my Guardian MFA configured incorrectly? How can I configure it such that these cookies are set from my own subdomain so that it will work with Safari?

Regards,
Adam Gatt

Hey there!

Sorry for such delay in response! We’re doing our best in providing the best developer support experience out there, but sometimes the number of incoming questions is just too big for our bandwidth. Sorry for such inconvenience!

Do you still require further assistance from us?