I solved. I have as callback url an address that is fixed set to https://www.keenbeer.com/login-callback, in this way the session cookie is issued just for the 2nd level ‘www’ domain and not for the one without.
I forced my webserver to always redirect to the www version of the website.
Thank you