I have an app protected with Cloudflare Zero Trust/Access using Facebook as the main identity provider but having some issues with mobile users.
The app is primarily written in PHP running on Apache and I have been able to access the CF_Authorization no problem with users on desktop, however, mobile users do not seem to be passing the cookie to the web server (PHP errors report that CF_Authorization cookie does not exist) so I am having a tough time authenticating requests.
Not sure if it’s related, but the /cdn-cgi/access/logout URL also doesn’t work on mobile but it does work on desktop.
I have mainly tested this on Safari using iOS 16.1.1.
Any advice would be much appreciated. Thanks!