# End of third-party cookies

{% hint style="info" %}
TL;DR; It's mostly inconsequential. &#x20;
{% endhint %}

Google is ending third-party cookies for all Chrome users in 2024 and are already disabled by default in Safari. &#x20;

Let's see how it might affect you. &#x20;

First of all, if your identity server and your app shares the same root domain you are not affected. &#x20;

Example, if you are in the case: &#x20;

* Your app is hosted at [www.example.com](http://www.example.com) or dashboard.example.com
* Your identity server, for example Keycloak, is hosted at: auth.example.com

You are not affected ✅. Indeed Both [www.example.com](http://www.example.com), dashboard.example.com and auth.example.com shares the same root domain: example.com.\
\
On the other end, if you are in the folowing case:

* You app is hosted at [www.examples.com](http://www.examples.com) or dashboard.example.com
* Your identity server is hosted at: auth.sowhere-else.com

Let's see how third party cookies phase out will affect you:&#x20;

* You will see a console warning "Third-party cookie will be blocked" in the console in production. &#x20;
* If a user that is authenticated close the tab of your app or close the browser and open your site again a while later. With third party cookies enabled and assuming he's session haven't expired yet he will be automaticall logged in. With third party cookies disabled your website will load in unautenticated mode. If he clicks on the login button this will trigger a full reload and he will be authenticated without having to enter he's credential again.   &#x20;

Conex resources: &#x20;

{% embed url="<https://github.com/keycloak/keycloak/issues/25990>" %}

{% embed url="<https://github.com/keycloak/keycloak/issues/26128#issuecomment-1887443632>" %}

## Google reCaptcha

reCaptcha is not directly related to oidc-spa since the cookie it sets is on the thegister page (so outside of your app). Anyway, since it's a connex concern: &#x20;

{% embed url="<https://docs.keycloakify.dev/faq-and-help/google-recaptcha-and-end-of-third-party-cookies>" %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.oidc-spa.dev/docs/v5/resources/end-of-third-party-cookies.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.