Despite searching extensively on Stackoverflow and various other sources, I have not been able to find a solution that works for my specific case.
The scenario is as follows: we have an application on domain A that we do not have control over, and an application on domain B which is integrated into application A using an iframe. Cookies are used in our application on domain B, and everything functions properly except in Safari. After reading this resource, it became clear that Safari requires explicit user interaction with domain B in the past for cookies to be preserved.
To address this issue, we attempted rendering an invisible pixel on site A through an integration JS script that injects an iframe into a div on site A. Additionally, we made CORS ajax requests from domain A to domain B using our integration script, ensuring "withCredentials" were set to true. While the request successfully returned a "set-cookie" header, the cookie was still not passed along to subsequent requests from the iframe to our domain B.
However, upon manually opening domain B, the cookies started getting passed correctly within the iframe integrated into domain A.
Despite exhausting all of our ideas thus far, including suggestions for JS redirects (which may result in a poor user experience), we have yet to find a successful resolution. Any advice or guidance would be greatly appreciated. Please help save my sanity, as this issue is proving to be quite frustrating :)