Reloading the Page Causes Logout and Authentication Session Loss

Overview

When using Safari, the user is logged out immediately after a refresh. Logging in again requires to input credentials again, meaning the session is lost. However, on the Chrome browser, it is working. This article details why this is happening and what can be done in this situation.

Applies To

  • Browsers
  • User Session

Cause

This could happen when the App has a domain different from the Auth0 tenant canonical domain. This is because, upon a refresh, the silent authentication fails due to third-party cookies being blocked on these browsers. Per understanding, Safari and Firefox block third-party cookies by default.

Solution

The workaround would be to set up a custom domain that matches the top-level domain. When the top-level domain matches, the cookies will be treated as first-party and, hence, will not be blocked.

1 Like