Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Research on the use of Storage Access API #11139

Open
tharindu-b-hewage opened this issue Jan 29, 2021 · 0 comments
Open

Research on the use of Storage Access API #11139

tharindu-b-hewage opened this issue Jan 29, 2021 · 0 comments
Labels
gateway Identity gateway Type/NewFeature
Milestone
FUTURE

Comments

@tharindu-b-hewage
Copy link
Contributor

Is your feature request related to a problem? Please describe.

The heavy browser restrictions imposed upon cookies, especially in third-party contexts bring many challenges. These are discussed with details here #10979.

However, there can be valid use cases that require access to cookies in 3rd party contexts such as some identity flows. The recommendation from Safari for these scenarios is to use the storage access API and request access to cookies in 3rd party contexts.

In the Identity server, there are many flows impacted by the heavy cookie restrictions in 3rd party contexts. More information is described in https://wso2.com/blogs/thesource/the-impact-of-blocked-third-party-cookies-on-wso2-identity-server/.

Describe the solution you would prefer
Explore storage access API and see how Identity server flows can benefit from it. At first, the use cases with storage access API should be understood and then need to check how to leverage it for impacted Identity Server flows.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
gateway Identity gateway Type/NewFeature
Projects
None yet
Milestone
FUTURE
Development

No branches or pull requests
1 participant
@tharindu-b-hewage