We have implement the SSO login across Multiple domains using * token.getWithoutPrompt. GetWithoutPrompt(okta+javascript) must have access to cookies on the Okta domain via an iFrame.
Since all the modern browsers (chrome, safari) have disabled third party cookies, Is there another way to achieve SSO login and token renewal even when third party cookies are disabled.
Went through the Okta Custom domain suggestions, it may work for SPA or single domain, but our case its multiple domains. eg: Application1 is a plugin that can be plugged into any apps with different domains(Jira plugin)
Sorry for the delay! If you’re worried about 3rd party cookies, you could potentially use refresh tokens as well. Right now, refresh tokens will only be issued to a backend, but we are looking to offer the ability to use refresh tokens for SPAs as well to help in scenarios such as this. Here’s our guide about refresh tokens, if you’ve not used them before.