Chrome browser development and cookie settings

When developing, I notice that I get an Auth0 login every time I refresh a page…but when working with Dave, he doesn’t.
I checked my browser, and don’t have any particular browser extensions (turned off privacy badger but no change), but I know that I also routinely block 3rd party cookies, send ‘Do Not Track’ requests, and don’t have any sites allowed for 3rd party cookies.

When in the App, I see 2 Auth0 oriented cookies (the 2 named ‘auth0*’ are just a value of true so really aren’t useful to my knowledge.


But a page refresh goes back to the login…
The Network dev tool shows the call to Auth0, and shows a token returned (access and id token, scope, etc. with a expires_in for 24 hours)

When the page is refreshed, only the ‘intercom*’ cookies are left.
I’ve tried adding ‘https://login.meus.global’ as a accepted third party cookie, but no luck.
So I’m assuming I’m losing the token somehow…

Are there particular settings needed to allow for the Auth0 authentication to be preserved?

I also see the ‘did’ and ‘did_compat’ response cookies created after a login

But those don’t show up in the tabs cookie list…

if I enable all third party cookies, it then lets me stay logged in. Interesting though that the cookies don’t look any different when the refresh page stays logged in…

That’s a bad practice from a privacy perspective, so I need to figure out what URL I need to allow for 3rd parties for this to be more secure

ah, need to use devtools to see more, I see the token preserved under Application->‘Local Storage’ in devtools.
The token, returned by the initial login, is stored in Local Storage, and has ‘https://app-me-us-kirk.apexdesigner.app’ in my case as the origin.
Therefore, you have to have that origin set as an accepted 3rd party cookie in the browser: