10.3 and 3.1 Will the Google Chrome update break my Single Sign-On process?
Default Subject
Questions
Will Google's Chrome 80 update and enforcement of SameSite cookies impact my WebTrac's Single Sign-On (SSO) functionality?
Answer
Yes SSO will not function, if:
1.) The method of SSO being utilized by your organization is Unencrypted Cookie or Trusted Redirect
2.) And your cookie is not specifying SameSite=None; Secure as an attribute
Contact your organization's IT Resource who manages your SSO and pass along that your cookie MUST now specify SameSite=None; Secure.
Test
To test the effect of the new Chrome behavior on your site or cookies you manage, you can go to chrome://flags in Chrome 76+ and enable the SameSite by default cookies and Cookies without SameSite must be secure experiments. You can then proceed with your SSO login process if it fails you likely do not have the sameSite=none attribute in the cookie that is being passed over to WebTrac.
More info
https://web.dev/samesite-cookies-explained/
https://blog.chromium.org/2019/10/developers-get-ready-for-new.html