I have already asked about it in some channels on Slack, but as it did not result in any changes, I open this ticket here :)
Right now, when authentication is handled by accounts connector, Topcoder auth token v2 is written into tcjwt cookie, under topcoder.com / topcoder-dev.com domains, but auth token v3 is written into v3jwt cookie under accounts.topcoder.com / accounts.topcoder-dev.com domains. As the result, when the user of connector sends a request to the server (from its own subdomain of topcoder.com), only tcjwt cookie is sent along with the request, while v3jwt is not (because it is explicitely set for a different subdomain). Can we ensure that v3jwt cookie is set for topcoder.com / topcoder-dev.com domains as well?
I have already asked about it in some channels on Slack, but as it did not result in any changes, I open this ticket here :)
Right now, when authentication is handled by accounts connector, Topcoder auth token v2 is written into
tcjwt
cookie, undertopcoder.com / topcoder-dev.com
domains, but auth token v3 is written intov3jwt
cookie underaccounts.topcoder.com / accounts.topcoder-dev.com
domains. As the result, when the user of connector sends a request to the server (from its own subdomain oftopcoder.com
), onlytcjwt
cookie is sent along with the request, whilev3jwt
is not (because it is explicitely set for a different subdomain). Can we ensure thatv3jwt
cookie is set fortopcoder.com / topcoder-dev.com
domains as well?