Learn about the specialties of projects in development mode when working with Corbado’s session management.
LocalStorage
of the browser.
The reason behind is that some modern browsers (e.g. Safari) have stricter policies against third-party cookies in order to avoid tracking across the web (e.g. with Safari’s Intelligent Tracking Prevention (ITP)).
When developing locally the host (e.g. on http://localhost
) differs from the one of the Frontend API (e.g. https://<project ID>.frontendapi.cloud.corbado.io
). The browser sees this as third-party and does not send any cookies (e.g. in session refresh process).
However, when you set up a CNAME on production, you’re aliasing your host to another host, making cookies appear as first-party rather than third-party.