Is there any way to keep a person authenticated with firebase across subdomains

Question

I use firebase for authentication on my website and I want to keep the users auth session active across subdomains.

Unfortunately, firebase uses Local Storage to sto

Answer 1

The iframe doesn't work anymore for Safari because it doesn't let the iframe's origin page access its own indexeddb anymore. That means you cannot get the id token and onAuthStateChanged will always return null.

We've implemented another solution where we store a custom token into a secure cookie along with a redirect information, redirect the user to the other domain, use the cookie to sign in or sign out the user, delete the cookie and redirect him again to the location stored in the cookie.

1. Login
2. Get custom token
3. Set cookie with action "signIn" or "signOut", redirectUrl and token (if signIn)
4. Redirect to other page
5. Sign in or sign out
6. Delete cookie
7. Redirect to redirectUrl

That works for iOS and Desktop Safari again. But it only works if it's on the same domain so that both subdomains are going to have access to that cookie.