I need to integrate the application in an iframe from another website. I manage to display the login page of the application in an iframe addind cors headers in the response. The application use .net 4.8 framework. After user add his credentials: username and password, the authentification seems to work, I check the code with debugger, one of the auth cookies is generated. After login user is redirected to the main page of the application, but I have an authorize attribute which check if the user identity is not null, and if it is null the user is redirected to the login page and this is what is going on. I think this happens because one of the authorization cookie has samesite property set to None. Code for generated auth cookie. The problem is that I don't know exactly where this cookie is generated to set the samesite property to none there.
I tried different methods to set this property to none: adding a middleware in for the request and adding this property in the header and setting it on the sign in.