Third party cookie deprecation (Privacy Sandbox) #21913
joselcvarela
started this conversation in
Feature Requests
Replies: 2 comments
-
Hmmm I would be somewhat hesitant to implement a new authentication provider that just works for Google's Chrome browser 🤔 My preference here would be to wait for FedCM to become a standard which is implemented by the other browsers (as it could be their implementations may not be 100% spec compliant) |
Beta Was this translation helpful? Give feedback.
0 replies
-
There is also this solution I proposed for that issue ; #20548 |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Summary
Description
During 2024, Chrome will be removing support for third party cookies in order to improve privacy.
More information can be seen here: https://privacysandbox.com/
This change will impact all users that have Directus hosted in a different top domain than the main website and:
mode: cookie
on login endpointREFRESH_TOKEN_COOKIE_SAME_SITE=none
and logging in from another domain. For example, using Seamless SSORight now, Chrome users are already receiving a warning "Third-party cookie will be blocked. Learn more in the Issues tab."
More information about SSO cookies and privacy sandbox can be seen here:
https://developers.google.com/privacy-sandbox/3pcd/guides/identity#sign-in_solutions
Solutions
Have users putting Directus in the same domain as the main website. For example, main website is
example.com
so if users put Directus underdirectus.example.com
no more changes may need to happen.This solution does not require any changes in Directus
Use Related Website Set: https://developers.google.com/privacy-sandbox/3pcd/related-website-sets-integration
This solution seems to not require any changes in Directus
Use FedCM: https://developers.google.com/privacy-sandbox/3pcd/fedcm-developer-guide
This solution requires some changes to Directus
Basic Example
No response
Motivation
Basically Google Chrome is removing support for third party cookies.
Detailed Design
The solution that requires some changes on Directus is FedCM and the implementation can be seen here:
https://developers.google.com/privacy-sandbox/3pcd/fedcm-developer-guide
Requirements List
Must Have:
Drawbacks
Alternatives
Adoption Strategy
N/A
Unresolved Questions
No response
Beta Was this translation helpful? Give feedback.
All reactions