Using Okta Auth SDK when third party cookies are blocked

I have reviewed the Third Party cookie related issues / docs on Okta forums.
Third Party Cookie FAQ’s

SSO Across Multiple Domains

Is it safe to assume that as of today, the Auth SDK doesnt support authentication for a SPA application which is on a different domain than Okta, when third party cookies are blocked ?
Looks like both getWithRedirect and getWithoutPrompts will fail if cookies are blocked.

Any other workarounds implemented to circumvent this ?

Hi @narsi! As recommended in our Third Party Cookie FAQ’s we recommend setting up a custom URL domain.

By making your Okta org effectively part of the same domain as your application server from a browser’s perspective, use of custom URL domain moves Okta session cookies to a first-party context. Calls to Okta become calls within the same site, and browser third-party cookie blocking is no longer triggered.

For example, if your original Okta org is, and your app server is, you would use the custom URL domain feature to give your Okta org a new URL like This puts your app and your Okta org within the same site.

Hey Sigama,

The custom URL domain wouldn’t help
But, the scenario involves multiple applications deployed on multiple domains, protected by one okta tenant. We are not dealing with just one or two applications.

Any thoughts / workarounds for multi domain applications ?

The caveats are:

  1. Apps need to use Okta Auth SDK and
  2. Are SPA Apps.