Hey there @arie26 ,
From my side, happy to start with the known workarounds -
-
Do not rely on silent authentication (cookies-based) if your applications and Auth0 tenant don’t share the same second-level domain.
-
In the above scenario, leverage refresh token rotation instead (a common authentication and authorization pattern for SPAs). More here