
ASP.NET Core 3.1 web application: loading another ASP.NET Core application's URL in an iframe resets the identity, and every other page then redirects to the login page

I am creating two web applications using ASP.NET Core 3.1. I need to load the first application in an iframe inside the second application. When I do, the login identity is reset, and clicking any other link in my website redirects to the login page. How can I avoid this?

Below is the jQuery code I use to load the iframe.

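// Wires up the "preview" button: on click, (re)creates the chat iframe inside
// #showpreview. A single ready handler is enough; the original nested
// $(function () {...}) inside $(document).ready(...), which is redundant.
$(document).ready(function () {

    $('#previewBot').on('click', function () {

        // Values the server rendered into the page. .text() is used instead of
        // .html() so HTML entities are decoded before the values are URL-encoded.
        // NOTE(review): assumes these elements contain plain text only - confirm.
        var client = $("#client_id_Broker").text();
        var secret = $("#session_secret").text();
        var siteid = $("#site_id_Broker").text();
        var site = window.location.hostname;

        // Cache-buster in the range 1..6, as in the original.
        var number = 1 + Math.floor(Math.random() * 6);

        // Every parameter is URL-encoded. The original concatenated the raw values
        // into an HTML string, so a quote, '&' or '<' in any of them could break
        // out of the src attribute or alter the query string.
        //
        // NOTE(review): the session secret is sent in the query string, so it ends
        // up in browser history and in server/proxy access logs. Prefer a
        // short-lived, single-use token issued by the server, or hand the value to
        // the frame with postMessage after it has loaded.
        var URIChat = "https://localhost:44355/?client=" + encodeURIComponent(client)
            + "&siteid=" + encodeURIComponent(siteid)
            + "&secret=" + encodeURIComponent(secret)
            + "&site=" + encodeURIComponent(site)
            + "&r=" + number;

        // Build the element through the DOM API instead of string-built HTML.
        // The original also set rel='noreferrer' and async='false'; neither is an
        // iframe attribute and both were ignored by the browser, so they are omitted.
        var frame = $("<iframe>").attr({
            src: URIChat,
            id: "iView",
            frameborder: "1",
            "class": "frame-container",
            referrerpolicy: "no-referrer"
        });

        // Drop any previous preview before inserting the new frame.
        $("#showpreview").empty();
        $("#iView").remove();
        $("#showpreview").append(frame);

    });

});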

Below is my startup configuration. Is there anything wrong with it, or what should be added to avoid being redirected to the login page after loading the iframe?

    /// <summary>
    /// Registers the application's services: EF Core context, ASP.NET Core Identity,
    /// the authentication cookie, MVC with a global "authenticated user" filter,
    /// SignalR, CORS and the project's own repositories and e-mail sender.
    /// </summary>
    /// <param name="services">The service collection to add registrations to.</param>
    public void ConfigureServices(IServiceCollection services)
    {
        // EF Core context backed by SQL Server; the connection string is read from
        // configuration under the name "SqlConStringLocal".
        services.AddDbContext<ApplicationDbContext>(options =>
            options.UseSqlServer(Configuration.GetConnectionString("SqlConStringLocal")));

        services.AddDefaultIdentity<ApplicationUser>(options =>
        {
            // Sign-in is refused until the account has been confirmed.
            options.SignIn.RequireConfirmedAccount = true;
            // NOTE(review): this list covers a-t, 1-9, '-' and '_' (with repeated
            // letters) and no upper case, '0', '@' or '.'; it looks like a
            // placeholder - confirm the intended set.
            options.User.AllowedUserNameCharacters = "abcdefghijklmnopqrstffgsfsdfsfsfff123456789-_";
            options.User.RequireUniqueEmail = true;
        }).AddEntityFrameworkStores<ApplicationDbContext>();

        // Identity's application (login) cookie: 5-day lifetime with sliding renewal.
        // NOTE(review): Cookie.Name and Cookie.SameSite are not set here, so the
        // framework defaults apply. Browsers scope cookies by host, not by port, so
        // if both applications run on the same host name with the default cookie
        // name they can overwrite each other's login cookie - possibly the cause of
        // the reported sign-out; confirm.
        services.ConfigureApplicationCookie(o => {
            o.ExpireTimeSpan = TimeSpan.FromDays(5);
            o.SlidingExpiration = true;

        });
        services.AddMvc(o =>
        {
            //Add Authentication to all Controllers by default.
            // Secure-by-default: every action requires an authenticated user unless
            // it explicitly opts out (e.g. with [AllowAnonymous]).
            var policy = new AuthorizationPolicyBuilder()
                .RequireAuthenticatedUser()
                .Build();
            o.Filters.Add(new AuthorizeFilter(policy));
        }).AddNToastNotifyNoty(new NotyOptions
        {
            Layout = "bottomRight",
            ProgressBar = true,
            Timeout = 5000,
            Theme = "metroui"
        });

        // Tokens from the data-protection token provider are valid for 3 hours.
        services.Configure<DataProtectionTokenProviderOptions>(o =>
         o.TokenLifespan = TimeSpan.FromHours(3));
        
        services.AddAutoMapper(typeof(Startup));
        // NOTE(review): AddMvc above, AddRazorPages, AddControllers and
        // AddControllersWithViews below overlap; the extra calls look redundant
        // rather than harmful - confirm and trim.
        services.AddRazorPages();
        services.AddControllers();
        services.AddSignalR();
        services.AddTransient<IEmailSender, EmailSender>();
        services.Configure<AuthMessageSenderOptions>(Configuration);
         //services.AddSingleton<IRepository, Repository>();
     
        services.AddScoped<ISitesRepository, SitesRepository>();
        // Registers the CORS services only; the policy itself is supplied where
        // the CORS middleware is added to the pipeline.
        services.AddCors();
        services.AddControllersWithViews()
           .AddNewtonsoftJson()
           .AddXmlDataContractSerializerFormatters();
    }

    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
    public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
    {
        // Detailed error pages in Development only; elsewhere a generic /Error
        // page plus HSTS.
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
            app.UseDatabaseErrorPage();
        }
        else
        {
            app.UseExceptionHandler("/Error");

            app.UseHsts();
        }

        // NOTE(review): this policy lets any origin, method and header through.
        // Prefer naming the known origin(s) with WithOrigins(...). CORS governs
        // cross-origin script access to responses; it does not control whether the
        // site may be shown in an iframe or whether cookies are sent.
        // NOTE(review): with endpoint routing the documented position for UseCors
        // is after UseRouting and before UseAuthorization - confirm and move.
        app.UseCors(builder =>
        {
            builder
            .AllowAnyOrigin()
            .AllowAnyMethod()
            .AllowAnyHeader();
        });

        app.UseHttpsRedirection();
        app.UseStaticFiles();
        app.UseNToastNotify();
        app.UseRouting();

        // Authentication runs before authorization so the user is established
        // before the global authorize filter/policies are evaluated.
        // NOTE(review): no UseCookiePolicy() call appears in this pipeline; any
        // CookiePolicyOptions registered in ConfigureServices only take effect
        // through that middleware.
        app.UseAuthentication();
        app.UseAuthorization();
        app.UseEndpoints(endpoints =>
        {
            endpoints.MapControllerRoute(
                name: "default",
                pattern: "{controller=Home}/{action=Index}/{id?}");
        });



        // NOTE(review): second UseEndpoints call; these mappings could be merged
        // into the call above.
        app.UseEndpoints(endpoints =>
        {
            endpoints.MapRazorPages();
            endpoints.MapControllers();
            endpoints.MapHub<ChatAdminHub>("/chatAdminHub");
        });
    }

I was able to solve the issue by adding the CookiePolicyOptions below.

       // Cookie policy settings. NOTE(review): these options are applied by the
       // cookie policy middleware, so app.UseCookiePolicy() must be in the request
       // pipeline (before UseAuthentication) for them to have any effect - confirm.
       services.Configure<CookiePolicyOptions>(options =>
        {
            
            // Non-essential cookies are withheld until the user has given consent.
            options.CheckConsentNeeded = context => true;
            // Do not raise the SameSite value that individual cookies ask for.
            options.MinimumSameSitePolicy = SameSiteMode.None;
            // CheckSameSite is not shown here - presumably the user-agent check that
            // adjusts SameSite=None for browsers that mishandle it; confirm.
            options.OnAppendCookie = cookieContext =>
              CheckSameSite(cookieContext.Context, cookieContext.CookieOptions);
            options.OnDeleteCookie = cookieContext =>
              CheckSameSite(cookieContext.Context, cookieContext.CookieOptions);
        });
        services.ConfigureApplicationCookie(options =>
        {
            // A distinct name keeps this login cookie from colliding with another
            // application on the same host (cookies are not separated by port).
            options.Cookie.Name = "myappcookieName";
            // SameSite=None makes the browser send the login cookie on cross-site
            // requests, including framed ones. Browsers only accept such a cookie
            // when it is also Secure, so consider adding
            // options.Cookie.SecurePolicy = CookieSecurePolicy.Always.
            // It also removes the browser-side CSRF mitigation: keep antiforgery
            // validation on state-changing requests and limit which sites may frame
            // the app (e.g. a CSP frame-ancestors directive).
            options.Cookie.SameSite = SameSiteMode.None;
            
        });
