I’m developing my application in localhost and almost ready to go to production.
What do I need to to do to be ready when google will block the auth0 cookie please ?
I don’t want to go in production and in few months have an authentification broken because of the new rules about third party cookie.
Thank you
Hi there @dubar.jeremy ,
Google’s plans include blocking third-party cookies, to be more specific. Cookies-based flows should not cause issues if Auth0’s and the application’s second-level domain are the same.
Ref:
This will also not affect a tenant using a Custom Domain with Auth0 and if the second-level domain matches the application’s domain.
Alternatively, you can integrate your SPA application with Auth0 to relay on refresh token rotation (which it looks like you already did )
Please let me know if you have follow-up questions about that.