Auth0 Home Blog Docs

OIDC - ITP issues with Safari w/ Custom Domains

Here’s the issue. We discovered the ITP issue with Safari where we could not SSO to applications across our own platform. We were able to solve this by adding a custom domain to our tenant. Now users on our platforms on Safari CAN successfully SSO to applications on our platform.

The remaining issue… I believe we still have issues (or may have issues) is with our partners that we SSO to that has a different top-level domain. For SAML2 this appears to not be an issue but for OIDC, in particular, it appears to be an issue. Can anyone corroborate this?

If so, does anyone have a workaround? OIDC is optimal as we simply create an application on our Auth0 instance and our partners just use the Auth0 client to do silent SSO on their end. I would have to think we have to have everyone go back to SAML2.

Thanks ahead of time…
Ryan

Hey there!

Sorry for such a delayed response! We’re doing our best in providing you with the best developer support experience out there but sometimes our bandwidth is just not enough for all the questions coming in. Sorry for the inconvenience!

Can you let us know if you still require further assistance from us?