I had one more problem, couldn't figure out what's...
# support-questions
h
I had one more problem, couldn't figure out what's wrong after spending couple of hours. I have three apps. 1) Nodejs api (api.someothedomain.com) 2) Angular SSR (example.com) [sessionScope=".thedigitalpoultry.com" in the UI] and for api set [cookieDomain=".thedigitalpoultry.com"] 3) Angular SPA (app.example.com) According to the doc I did all the configuration (https://supertokens.com/docs/thirdparty/common-customizations/sessions/share-sessions-across-sub-domains) In production, I can authenticate user on example.com and set sAccessToken, sRefreshToken on domain .example.com. I have sameSite = "none", also it is reflecting in the cookie tab. I can see the cookies in inspection mode, in app.example.com. However when xhr request is send to api.someothedomain.com from app.example.com, cookies are not being attached. Everything works great in localhost. What am I missing ? Also in the angular SSR app frontend what would be the apiDomain and websiteDomain ?
r
hey @hehohesda
if the node API and frontend are on different base domains, then cookies cannot be shared - since sharing of cookies is only possible across sub domains.
h
ohh is that so. All the time I thought we can share cookies across different domains. Thank you
What is the significance of sameSite ?