Hello team, we are facing an issue when some users have blocked third party cookies.
I understand that cookies is essential for
getTokenSilently() to work based on this post Why is authentication lost after refreshing my single page application?
I have followed the recommendations highlighted in the same post to try resolve the issues with third party cookies, but still I am unable to get the error to go away.
We have a custom domain set, but does not seem to work.
We have a project that uses iframe to load some contents, this iframe window needs people to login using SSO, auth0, so we trigger
client.loginWithPopup() from the iframe, then the user should be able to have a session within the iframe and complete the next steps in their profile within the iframe.
The iframe loads from a different URL that is does not match the main window origin.
iframe origin is https://app.app-site.com
parent window origin is https://main-site.com
This is my code:
This is my refresh token setup:
I just did further tests, and this issue happens specifically when running my app from the iframe as explained above where my iframe loads from a different domain not the same as the parent main window.