Hi everyone,
A while ago we had an issue with sharing ory session cookie inside an iframe and your team helped us a lot. This page settings are working fine now -
https://www.ory.sh/docs/hydra/guides/cookies for most of the browsers.
We were able to share cookie in Chrome and Firefox, but it appears that for Safari hydra session cookie is not shared at all. And we are getting this error:
The resource owner or authorization server denied the request. The flow cookie is missing in the request.
Looks like all our setup is at risk now. I wonder if there is a valid way to skip this cookie check before providing an access token by code, I mean this step -
https://www.ory.sh/docs/oauth2-oidc/authorization-code-flow#step-4-exchange-code-for-token?
Thanks