SameSite support

Because Sitecore Identity Server is a default provider of Federated Authentication, apply both of the following sections to your solution.

Make Sitecore Federated Authentication compatible with SameSite changes:

1. Update the Net Framework version on the server:
   https://docs.microsoft.com/en-us/aspnet/samesite/kbs-samesite
2. Configure the default values of cookies in the <system.web> section of the web.config file as follows:

   <httpCookies sameSite="None" requireSSL="true" />

3. Download the Sitecore.Owin.Authentication.SameSite archive to prevent cookie chunk maximum size from being exceeded. Unpack the archive and follow instructions in the readme.txt file.
4. If there are custom identity providers configured, make sure that CookieManager is specified when UseOpenIdConnectAuthentication() extension method is called. The OpenIdConnectAuthenticationOptions object, passed to UseOpenIdConnectAuthentication() method, must have the CookieManager property set implicitly. Use the instance of ICookieManager, registered in the Service Container. You can inject it as a constructor dependency.

Make Sitecore Identity server compatible with SameSite changes:

1. Download the Sitecore.Plugin.Authentication.SameSite archive.
2. Install the plugin to Sitecore Identity server (see readme.txt inside the archive for detailed instructions).