Redirecting to client after login does not recognise that the user has been logged in (TypeScript client and BFF (3.x))

[norgie]

Hi all,
The title may be a wee bit misleading but let me explain my problem. Currently we've got an existing SPA which communicates directly with an IdSrvr (7.x). Now we're in the process of introducing the BFF into this set-up. When running said BFF and the SPA on my machine (localhost), the login flow works without a hitch. However, when I deploy the BFF-application to our test/integration server and then point the SPA to use this BFF instance, then when the user clicks on the login "button" he/she doesn't get logged in but are instead returned to the same page with the log in button still enabled . Using the browser's developer tools I notice that fetching user info from the BFF returns a 401 in this scenario which leads me to think that perhaps the cookie isn't present or not sent to the BFF. Btw, our same-site policy is set to Lax. Any help/pointers etc. would be very welcome.

TIA.

[AndersAbel]

Can you check the network traffic in the browser dev tools? The IdentityServer redirects back to the BFF (default path /signin-oidc). If you inspect the response headers and cookie information for that request, is there a session cookie set? Is that session cookie included in the subsequent calls to /bff/user?