We serve a.example.com and b.example.com through cloudflare. Both use different Cloudflare access applications, Idp and different access policies to serve content through authorization.
when we go to a.example.com then we are taken to cloudflare login page. Logged in and page loads correctly.
when we go to b.example.com on the same laptop then it uses CF_Authorization cookie of a.example.com, renews this cookie, replaces aud with b.example.com access policy audience and returns the same cookie. It doesn't replaces claims, sub etc from a.example.com cookie. So it's breaking b.example.com.
Is it possible for a.example.com and b.example.com have different cookies altogether ? To achieve that what needs to be done ?