KORE integrates with your CRM's OAUTH authentication to ensure users have a valid connection to your CRM before loading our pages in a Single-Sign-On experience. KORE checks to ensure you have a valid login Cookie from the CRM in this process.
Issue
New restrictions with 3rd Party Cookies in modern browsers may interfere with this authentication flow and the browser may block the connection to the login page should your CRM session expire. This would result in the following behaviour:
You may also see the follow error message in the browsers Developer Console:
Resolution
- First attempt to clear your browser cache and cookies to clear our any existing login sessions with your CRM system. Refresh/reload the pages to see if this clears the issue
- Ensure that 3rd Party Cookies are enabled and add the customer's CRM URL to the exception list. We recommend adding "*.dynamics.com" to any 3rd party cookie exception list to include any/all CRM environments.
- For Chrome - "Allowed to use third-party cookies": https://support.google.com/chrome/answer/95647?hl=en-GB&co=GENIE.Platform%3DDesktop#zippy=%2Callow-third-party-cookies-for-a-specific-site
- For Firefox: https://support.mozilla.org/en-US/kb/third-party-cookies-firefox-tracking-protection
- For Edge - "Allow" section under cookies: https://support.microsoft.com/en-us/windows/microsoft-edge-browsing-data-and-privacy-bb8174ba-9d73-dcf2-9b4a-c582b4e640dd
Additional Troubleshooting Information
PSS relies on the user's login.microsoftonline.com authentication as part of it's own authentication mechanism. If the user is logged out of "login.microsoftonline.com" and the PSS cookie expires the user is also logged out of PSS.
When a user sees a "grey area" instead of pss functionality, it means that the user's "login.microsoftonline.com" login has expired.
To log back into PSS:
- Go to login.microsoftonline.com in a new browser tab.
- Log into login.microsoftonline.com.
- Refresh the previous CRM tab.
In most of Kore's PSS environments, "login.microsoftonline.com" authentication doesn't expire within days. Check with your IT department/Provider to determine if extending authentication options for "login.microsoftonline.com" is possible.
Ongoing 3rd Party Cookie Support
Chrome plans to disable third-party cookies for 1% of users starting in early Q1 2024 with the eventual goal of ramping up to 100% starting in Q3 2024, subject to resolving any competition concerns with the UK's Competition and Markets Authority (CMA). This is a move to enhance security and identity protection of users on the Internet. More information can be found here: https://developers.google.com/privacy-sandbox/blog/cookie-countdown-2023oct
Google plans to fully discontinue support for 3rd party cookies in Q3 2024 - this means KORE's integrated experience with CRM through IFRAMEs may be impacted and the experience may need to change. Our team is currently investigating solutions and accessing the long term impacts of this announcement.
In the meantime, the current workaround for CRM users of Chrome-based browsers that are affected by the 1% trial is for each affected user to add the CRM's URL to the list of sites approved to use third-party cookies in the browser privacy and security settings.
For instructions on how to allow third-party cookies for a specific site, please see the following article: https://support.google.com/chrome/answer/95647?hl=en-GB&co=GENIE.Platform%3DDesktop#zippy=%2Callow-third-party-cookies-for-a-specific-site