In our topography we have foo.com, myfoo.com, outletfoo.com and auth.idsrv.com.
For dev purposes, these are separate websites that live under 1 IIS instance.
foo.com, myfoo.com and outletfoo.com are relying parties of auth.idsrv.com.
If a user bookmarked any link in foo.com, myfoo.com or outletfoo.com and that link points to a resource requiring authentication, we redirect to auth.idsrv.com.
foo.com, myfoo.com and outletfoo.com are not HTTPS by default; one or more could be, though. auth.idsrv.com is HTTPS.
After redirecting to auth.idsrv.com, I enter username/password and all is well. The cookie “idsrvauth” has expiry Session / http. However, upon redirect back, the idsrvauth cookie is gone because of expiry Session.
Perhaps only my configuration is incorrect. With foo.com, myfoo.com, outletfoo.com and auth.idsrv.com being separate domains, is there a supported scenario in the identity server configuration where relying parties can be separate domains? Can you point to the correct way to configure the relying parties so that each can receive the idsrvauth cookie?
When authentication is validated and the redirect happens, how would we have knowledge of the idsrvauth cookie in any (essentially cross domain) calling application in our example topography?