Third-party SSO logins now work without cookies in Sanity Studio
8 replies
Last updated: Sep 12, 2022
T
Hi ๐ According to these release notes , browsers who block third-party cookies should be able to login to the studio without requiring a user to manually change browser settings. I'm running on version 2.29 and it still doesn't work in Safari. We are using SSO though, so is that the reason it doesn't work?
Jun 3, 2022, 9:30 AM
Yes - we're working on a fix though! Stay tuned ๐
Jun 3, 2022, 3:15 PM
T
Any information on this? Is there a ticket or something to follow?
Aug 22, 2022, 5:50 AM
T
Ping:) Still no information on third-party cookies for SSO users? The lack of support for an alternative login approach is kind of a big deal i would say. For instance, the lack of support effectively blocks out everyone on iOS or safari and requires a manual exception on many other browsers. Yes, iOS users and users of other browsers could allow third-party-cookies, but come one, that is not really a serious option.
Sep 5, 2022, 8:23 PM
Sorry about the silence! It should be working now - are you still having issues? If so I'll have the support team follow up so we can debug this
Sep 7, 2022, 4:38 PM
T
Just upgraded to the latest version. I canโt get it to work. I still need to enable third party cookies for login to work. If this is fixed, i would really appreciate a follow up from the support team ๐
Sep 10, 2022, 6:48 AM
P
Hi
To get it to work, the studio needs to get the session ID (SID) as a hash parameter. In other words, it should redirect back to the studio with
Here's an example from our own
Community Studio to illustrate the change: https://github.com/sanity-io/community-studio/commit/4a8446ce2a6600a502cfb87b1e2230bd0c8e6710
Let us know if you run into any issues or if I misunderstood that you're using the old SSO setup and not
the newer one .
user F
, thanks for your patience and apologies for only getting this information to you now. There was some confusion on our end as it's not well-documented yet, but we do indeed support cookieless logins for third-party SSO implementations.To get it to work, the studio needs to get the session ID (SID) as a hash parameter. In other words, it should redirect back to the studio with
#sid=foo.
Here's an example from our own
Community Studio to illustrate the change: https://github.com/sanity-io/community-studio/commit/4a8446ce2a6600a502cfb87b1e2230bd0c8e6710
Let us know if you run into any issues or if I misunderstood that you're using the old SSO setup and not
the newer one .
Sep 12, 2022, 10:14 AM
T
Great stuff! It now works. Hopefully this will be referenced in the documentation on third-party logins
Sep 12, 2022, 4:39 PM
P
Thanks for confirming! We'll make a note to add this to the docs. Glad it's working now!
Sep 12, 2022, 5:52 PM
Sanityโ build remarkable experiences at scale
Sanity is a modern headless CMS that treats content as data to power your digital business. Free to get started, and pay-as-you-go on all plans.