Have an app with a fairly impressive user base, but I have just a few people with problems authenticating.
We are using okta-auth-js and implicit flow.
For the people with the issue, getWithoutPrompt (which internally uses the iframe and postMessage) fails silently.
Our Auth server is on a different domain than the application, so first suspect was third party cookies being blocked (which causes same issue), however I have confirmed for this handful of users that they are not blocking.
They do use antivirus (different for each user) and I am pursuing that line of investigation - but is there anything like a list of known issues with security appliances, vpns, antivirus, ad-blockers, etc…?
So far i have not been able to reproduce the issue with any of the antivirus packages that i have tried so far (macafee endpoint security, spyhunter 5)
Posting here in the hopes that someone has seen similar issues.