So I have A,B,C. A - client, B - authentication server, C - main server. Everything has SSL certificates installed so https is used as a protocol in all A, B and C.
EDIT: All A, B, C have different hostnames.
The process is this, I make a registration request from A to B and I receive cookies ( access_token ) from B. After this, I make request to C for some information,but I have a middleware on C that checks if the access_token is valid, and it never find the access_token because the cookies are not sent. So A doesn't send the cookies received from B, to C.
Strangely enough, I can send the cookies from A to B again, because the B checks the cookies to see if the user is still logged in.
I try doing this with axios and withCredential: true but still doesn't work.
Here is the request:
await axios
.post(
`${url}`,
{body},
{ withCredentials: true }
)
Here is how the cookies are sent from B:
res.cookie("access_token", token, {
httpOnly: true,
secure: true,
maxAge: 86400000,
sameSite: "none"
});
I tried almost everything I saw on forums/posts etc... I have almost 10 hours looking into this. Does anybody know what I'm doing wrong?
Turns out it's not possible the way I tried to, I ended up making B and C having the same domain to solve it.