Last tested: Jan 21, 2021
Some browsers have their nuances.
Safari and firefox
Safari disables third party cookies by default if the user has not previously visited the host of the iframe, so users will have to enable third party cookies in their privacy settings by disabling the setting Prevent Cross-Site Tracking. (This also applies for Safari Mobile.) Firefox has also started blocking third party cookies by default. If admins do not want to have their users manually enable third party cookies, it may require a change to the domain name of your Looker instance (like looker.x.com instead of x.looker.com) to match that of the embed application so that Looker's cookies are no longer considered "third-party." Please contact your Looker account team to inquire about this option.
In Chrome, third party cookies are enabled by default in regular windows, so issues with browser settings impacting SSO embed are not as common as in Safari, although issues related to third party cookie settings may still apply in regular windows if users have changed the default settings. Chrome has also recently disabled third party cookies by default in incognito windows, and they have plans to disable third party cookies by default in all windows in the near future. You can go to "Cookies and other site data" under "Privacy and security" and then select "Allow all cookies" to change this setting.
There is another setting to watch out for if you host your own instance: Chrome now by default requires that any cookie with the
SameSite=None label has
secure flag and Looker does not signal
secure if the instance is not providing the --
ssl-provided-externally-by= start-up flag. Hence, if you're getting a 403 even after setting your browser to allow all cookies, you can go to
chrome://flags/ and then disable the following flags to see if this was the issue:
SameSite by default cookies and
Cookies without SameSite must be secure.
If you are on mobile using Chrome, you may not be able to directly enable Third Party Cookies on your device. See: https://www.whatismybrowser.com/guides/how-to-enable-cookies/chrome-mobile