Hello!
I am currently hosting a React app on Netlify for my front end and a Spring app on Render for my back end. Everything has been working fine except when I authenticate with my back end using OAuth2 providers. The flow for this is that a button on the front end is clicked, requesting an endpoint in the back end which redirects to the OAuth2 provider (e.g. Google). The user then authenticates with this provider & is redirected to my back end, which in turn redirects the user back to the front end after attaching some authentication credentials as cookies to the response object.
In development on a local machine (using localhost addresses), this process works as expected. However, the live site seems to erase the cookies & does not pass them along properly. I’m not sure whether this is an issue with how my cookies are configured or if it is something with how Netlify works.
I cannot attach more than one image, but have linked an Imgur album showing the OAuth2 authentication occurring on both localhost & on the Netlify/Render solution. The cookie configuration is in the screenshots, but to save the need for deciphering, they are configured with the following properties:
SameSite: None
Secure: true
HttpOnly: true
Path: "<backend-root-url>/*"