You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have a Single-SPA with multiple micro-apps using MSAL v2. They each use the same client id to validate user is authenticated using silent sso, and all are subdomains of the same main domain, eg:
xxx.yyy.same.somedomain.com
aaa.bbb.same.somedomain.com
asdf-sdfg.dfgh.same.somedomain.com
Yet if 3rd party cookies are blocked by the user's browser the single-spa's fail to load. My understanding is that for silent SSO that MSAL uses a hidden iframe. I also thought subdomains were not considered 3rd party sites.
I'm just trying to understand why the cookie issue in this scenario? Is enabling 3rd Party cookies the only option?
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
I have a Single-SPA with multiple micro-apps using MSAL v2. They each use the same client id to validate user is authenticated using silent sso, and all are subdomains of the same main domain, eg:
Yet if 3rd party cookies are blocked by the user's browser the single-spa's fail to load. My understanding is that for silent SSO that MSAL uses a hidden iframe. I also thought subdomains were not considered 3rd party sites.
I'm just trying to understand why the cookie issue in this scenario? Is enabling 3rd Party cookies the only option?
Beta Was this translation helpful? Give feedback.
All reactions