SetCookie Domain is too broad for the cookies to work
-
Hi,
I've been trying to get FusionAuth working to authenticate a system built with NextJS using the react-sdk.
I've managed to integrate the two locally (using the localhost domain) and that works just fine, but when I try and use it on a fully qualified staging domain (staging.example.co.uk) with the hosted FusionAuth instance at (auth.example.co.uk) the cookies are blocked as the domain is
Domain=co.uk
I've spotted the docs (here
https://fusionauth.io/docs/apis/hosted-backend#prerequisites) sayingFusionAuth will set the domain on these cookies to .example.com where example is the domain name that FusionAuth is serving from either from the domain or any subdomain, com is the top-level domain, and the . allows the cookie to match the domain and all subdomains.
But this doesn't seem to be happening. At the moment I can't work out how it's setting that, is it related to the Authorized redirect/origin URLs specified in the application configuration? Or does it just work off where the FA instance is being hosted?
Any help would be greatly appreciated!
-
@fin When you say the cookies are blocked, what error message are you getting? What do you mean by blocked?