Hacker News new | ask | show | jobs
by algesten 1644 days ago
That's not how that works. One common way here is OAuth2 which includes a callback URL such as:

https://internal.yourcompany.com/oauth2/callback?token…

That token in the callback does not require any kind of cookie to use for subsequent authenticated calls.