Hey @mbuhot!
Thanks for sharing this!
Would you be interested in, and able to, fork this into a new thread for further discussion and sharing? 
2 Likes
I was going to ask the same thing 
I’m currently wrestling with this.
2 Likes
I would also be interested in this-- we’re multi-tenant with schema-per-tenant approach using Triplex. I haven’t really dug into the 1.8 changes with scopes, but I have been curious about how that would work with our current model having put 0 thought in myself. So reading how someone else has managed/done this would be great and save me cognitive load.
Yes I’d be happy to, 
Might need to ping a moderator to fork the thread, I’m not sure if I can do that.
1 Like
I use OAuth2 between an Accounts service and my application service(s), which side-steps any domain/cookie problems. Might be a good idea to start taking this approach in general since browsers are trying very hard to kill third party cookies (probably for the best, what a terrible idea). Subdomains would still be fine though, I think.
Of course I took the OAuth approach because I intend to run many completely distinct app services, so if you’re just doing multitenancy on the same app maybe this is overkill? On the other hand, it could enable your customers to bring their own domains, which is a plus for some products.
1 Like
Hi @carlgleisner, I ended up writing a post on the Alembic blog about the approach we took.
Covers the Cookies, Content Security Policy, Plugs and LiveView hooks we used on a recent client project.
Hope it’s helpful to anyone in a similar situation
5 Likes
Pure gold 
Made my day, thank you for sharing so graciously! 
1 Like
