Full Title or Meme
An Authentication Cookie is a compact collection of data provided to a User Agent by a Web Site to be retrieved later as proof that an Authentication has be successful with this session on this device.
- In particular Apple introduced a restriction on same-site cookies that caused common implementations of OAuth 2.0 to fail. Brock Allen decode that issue on his site The basic problem is OAuth front channel Authentication is determining which site is the "same site". So, while the authentication works, the redirect to the client code is not considered, by iOS 12) to be a same site operation.
- Brock Allen, Same-site cookies, ASP.NET Core, and external authentication providers. (2019-01-11) https://brockallen.com/2019/01/11/same-site-cookies-asp-net-core-and-external-authentication-providers/