Using Okta Auth SDK when third party cookies are blocked

I have reviewed the Third Party cookie related issues / docs on Okta forums.
Third Party Cookie FAQ’s

SSO Across Multiple Domains

Is it safe to assume that as of today, the Auth SDK doesn't support authentication for a SPA application which is on a different domain than Okta, when third party cookies are blocked?
Looks like both getWithRedirect and getWithoutPrompts will fail if cookies are blocked.

Any other workarounds implemented to circumvent this?


Hi @narsi! As recommended in our Third Party Cookie FAQ’s we recommend setting up a custom URL domain.

By making your Okta org effectively part of the same domain as your application server from a browser’s perspective, use of custom URL domain moves Okta session cookies to a first-party context. Calls to Okta become calls within the same site, and browser third-party cookie blocking is no longer triggered.

For example, if your original Okta org is companyname.okta.com, and your app server is app.companyname.com, you would use the custom URL domain feature to give your Okta org a new URL like login.companyname.com. This puts your app and your Okta org within the same site.
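The same-site test behind this recommendation, as an added example that is not part of the original thread or Okta's code: it compares the registrable domain (eTLD+1) and scheme of each app origin with the Okta origin to show whether the Okta session cookie would be first-party or third-party. The suffix set is a small constructed stand-in for the Public Suffix List, and `app.othercompany.example` is a constructed second app domain.

```javascript
// Constructed stand-in for the Public Suffix List (assumption; browsers use the full list).
const PUBLIC_SUFFIXES = new Set(["com", "example", "co.uk"]);

// Registrable domain (eTLD+1): the longest matching public suffix plus one more label.
function registrableDomain(hostname) {
  const labels = hostname.toLowerCase().replace(/\.$/, "").split(".");
  for (let i = 0; i < labels.length; i++) {
    // i = 0 tests the whole hostname, so the longest suffix is matched first.
    if (PUBLIC_SUFFIXES.has(labels.slice(i).join("."))) {
      // A hostname that is itself a public suffix has no registrable domain.
      return i === 0 ? null : labels.slice(i - 1).join(".");
    }
  }
  return null; // suffix not in the constructed list
}

// Two origins are same-site when scheme and registrable domain both match.
function isSameSite(appOrigin, oktaOrigin) {
  const app = new URL(appOrigin);
  const okta = new URL(oktaOrigin);
  const a = registrableDomain(app.hostname);
  const b = registrableDomain(okta.hostname);
  return a !== null && a === b && app.protocol === okta.protocol;
}

// Label, per app, the context in which the Okta session cookie would be sent.
function classifyApps(oktaOrigin, appOrigins) {
  return appOrigins.map((origin) => ({
    origin,
    oktaCookieContext: isSameSite(origin, oktaOrigin) ? "first-party" : "third-party",
  }));
}

// Hostnames from the post above, plus one constructed app on an unrelated domain.
const apps = ["https://app.companyname.com", "https://app.othercompany.example"];
console.log(classifyApps("https://companyname.okta.com", apps));  // default org URL
console.log(classifyApps("https://login.companyname.com", apps)); // custom URL domain
```

With the custom URL domain, only the app that shares `companyname.com` moves to a first-party context; the app on the unrelated domain stays third-party.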

Hey Sigama,
Thanks,

The custom URL domain wouldn’t help.
But the scenario involves multiple applications deployed on multiple domains, protected by one Okta tenant. We are not dealing with just one or two applications.

Any thoughts / workarounds for multi-domain applications?

The caveats are:

  1. Apps need to use Okta Auth SDK and
  2. Are SPA Apps.

Thanks,
