Overview
Many browsers have started blocking cross-origin or "third-party" cookies by default. Google Chrome plans to disable third-party cookies for 1% of users in Q1 2024. Read more about Google’s plan here: Deprecating 3rd party cookies for Chrome users.
How to Test for Impact
If your Okta authentication experience is hosted on a domain that is different from your relying applications (e.g., www.mycompanyapps.com requires authentication from mycompany.okta.com), you are likely impacted by these changes and will need to modify your Okta deployment by the end of 2024.
Google has made an exemption for Okta's 3rd party cookies until the end of 2024. However, you can set Chrome's flags to simulate how the browser will treat Okta's 3rd party cookies after that exemption ends.
To simulate how Chrome will treat Okta's 3rd party cookies in 2025 and beyond:
- In Google Chrome, visit the URL chrome://flags/
- Ensure these flags are set as follows:
chrome://flags#third-party-cookie-deprecation-trial -> enabledchrome://flags/#tracking-protection-3pcd -> enabled
chrome://flags/#tpcd-metadata-grants -> disabled- Exercise the critical authentication flows that redirect through Okta domains or use Okta APIs for authentication
