Hi @motifcreatives,
I believe this is an issue with your application sending cookies without a SameSite parameter, which is now treated as Lax and therefore the cookie is blocked. It works without the iframe because there is no cross-site behavior in that case. If you want this to work, you’ll need to send your cookies with SameSite=None, but that has other security implications. See the MDN article for more information.
Please see the following forum thread for a further explanation: