Is it safe to assume that as of today, the Auth SDK doesnt support authentication for a SPA application which is on a different domain than Okta, when third party cookies are blocked ?
Looks like both getWithRedirect and getWithoutPrompts will fail if cookies are blocked.
Any other workarounds implemented to circumvent this ?
By making your Okta org effectively part of the same domain as your application server from a browser’s perspective, use of custom URL domain moves Okta session cookies to a first-party context. Calls to Okta become calls within the same site, and browser third-party cookie blocking is no longer triggered.
For example, if your original Okta org is companyname.okta.com, and your app server is app.companyname.com, you would use the custom URL domain feature to give your Okta org a new URL like login.companyname.com. This puts your app and your Okta org within the same site.
The custom URL domain wouldn’t help
But, the scenario involves multiple applications deployed on multiple domains, protected by one okta tenant. We are not dealing with just one or two applications.
Any thoughts / workarounds for multi domain applications ?