Reloading Safari page results in not being logged in

[brettski]

Steps to reproduce:

1. using Safari browser
2. go to https://that.us
3. login to the site
4. verify your logged in and go to the /sessions page
5. refresh the page (reload button or submit the current URL)

What is experienced: After the page loads the user is no longer shown as logged in

What should happen: The page reloads and the user remains logged in

The current work-around is that the user must re-authenticate (by clicking login).

This Auth0 issue seems related: https://github.com/auth0/auth0-spa-js/issues/324, https://github.com/auth0/auth0-spa-js/issues/207

You will notice that Safari works as expected from a private window which doesn't use Safari's ITP technology (ITP2)

This issue has only been seen in safari. Browsers tested on Mac: Chrome, Brave, Safari, Firefox

[brettski]

https://github.com/auth0/auth0-spa-js/issues/324 states that its a conflict with Safari's Safari's ITP technology

Verifying ITP by disabling in Safari: Preferences > Privacy > Uncheck “Prevent cross-site tracking” (may have to restart app) _doing this on two systems did "correct" the issue.

No to find the correct fix since we'll aways have our auth domain different from our site domain

[brettski]

auth0 ticket 00462002, created