Chrome is now blocking Cognito tokens in localstorage within an iframe

This issue just started happening around mid-August 2023, and only to SOME of our users. I have an app that uses Cognito auth. The whole login process works completely fine when opened in a browser. When embedding that site in an iframe, the Cognito auth tokens are missing. I can have the iframe open and the site open in a separate tab side-by-side, the tab has the Cognito tokens, the iframe does not (found by inspecting localstorage). I could not find anything in the Chrome update notes that would have affected this functionality.

We have tried to reinstall and update Chrome. We have tried clearing all browser data. We have gone through change logs to find any updates that may have caused this. We have reduced all security settings.

Topics

Front-End Web & Mobile Security, Identity, & Compliance

Relevant content

Amplify Cognito Auth JS Library keeps all tokens in localStorage?
Accepted Answer
dboardman
asked a month ago
Complete a custom passwordless cognito auth flow, and getting tokens in a node app
rePost-User-8872635
asked a year ago
How many Cognito user pools should I have in an APP?
Accepted Answer
cao95
asked 5 months ago
Cognito: Make auth tokens validity dependent on user's activity
hqs-lehmann
asked 2 years ago
How do I troubleshoot an "Invalid Refresh Token" error from my Amazon Cognito user pool API?
AWS OFFICIALUpdated a year ago
How do I revoke refresh tokens issued by Amazon Cognito?
AWS OFFICIALUpdated a year ago
How do I revoke JWT tokens in Amazon Cognito using the AWS CLI?
AWS OFFICIALUpdated a year ago
How can I decode and verify the signature of an Amazon Cognito JSON Web Token?
AWS OFFICIALUpdated 2 years ago
Getting started with AWS Support App in Slack - 10 questions and answers
EXPERT
AChan
published 2 years ago
AWS Cognito Finally Supports Custom Claims for Access Tokens
EXPERT
Antonio_Lagrotteria
published a month ago