How to Prepare Your Application for the Blockage of Third-Party Cookies.

Browsers Are Ending Third-Party Cookie Support

Browser manufacturers are ending support of third-party cookies. Google Chrome is the most prominent example, with its third-party cookie deprecation program planned for the end of 2024.

In our fourth and last installment of our blog series dedicated to the third-party cookie deprecation, we’ll glance over the definitive solutions you can implement for your application if it is affected: Cookies Having Independent State (CHIPS) and Storage Access API (SSA).

As a reminder, our previous blog covered the deployment of the deprecation trial token. If your solution is affected, you must get active and deploy your deprecation trial token by the end of the grace period.

If your custom domain was approved for a deprecation trial before July 1st 2024, the end of the grace period is set to August 30th, 2024.

If your custom domain was approved on July 1st or after, you have 60 days starting from the date your custom domain was approved to deploy your deprecation trial token.

Check out our blog and our dedicated step-by-step guide to get active now.

 

Implementing CHIPS or SAA

Before even considering CHIPS or SAA, make sure that you test your solution for breakage first. See our dedicated step-by-step guide for more information: Preparing and Testing Your Solution for Third-Party Cookie Deprecation.

At SAP, we recommend implementing Cookies Having Independent State (CHIPS) or Storage Access API (SAA). Which solution you should apply depends entirely on your scenario and the context of your application. Both solutions have pros but also limitations you should be aware of. We’ve listed them in our full guide dedicated to these solutions.

SAP has made changes to Approuter and SAP Authorization and Trust Management Service to make them CHIPS and SAA ready out of the box.  These components use a combination of CHIPS and SAA to negate the effects of third-party cookie deprecation.

However, because SAP wants customers and partners to fully test their application or extension before making potential changes, customers and partners must still manually configure their application or extension if they are affected. That extra configuration step must be done by the application owner. See our full guide for detailed steps.

If your application or extension uses these components and SAP cookies only, this configuration step is sufficient to make your application or extension ready.

If your solution or extension uses either Approuter or SAP Authorization and Trust Management Service, and sets its own cookies, you must fully implement CHIPS and SAA. Our guide can help you decide what solution is the best for your scenario.

Below is a brief recap of how both solutions work.

 

Cookies Having Independent State (CHIPS)

Partitioning cookies allows an embedded application to access cookies in its own third-party context. This solution is mostly suitable if the cookies are used for information that is only relevant in their respective context, e.g session cookies, application state, caches, etc…

With cookie partitioning, a third-party service that sets a cookie when embedded in one top-level site cannot access that same cookie when the service is embedded in other top-level sites.

 

Storage Access API (SAA)

Storage Access API is a JavaScript API that allows iFrames to request storage access permissions when access would otherwise be denied by your browser settings. It also enables access to cookies in a third-party context the same way you would access them in a first-party context.

Both solutions might require additional configuration depending on your application scenario. Check our full dedicated guide for more information.

 

Further Information

This is the final part of our blog series covering the third-party cookie deprecation:

Are You Affected by the Third-Party Cookie Deprecation? How to test your solution for breakage? Full testing guide is now available: Preparing and Testing Your Solution for Third-Party Cookie Deprecation .How to handle deprecation trial tokens? Full deployment guide is now available: Getting and Applying a Deprecation Trial Token for the Third-Party Cookie DeprecationHow to prepare your application for the blockage of third-party cookies. Full implementation guide in now available: Implementing a Permanent Solution for the Third-Party Cookie Deprecation 

​ Browsers Are Ending Third-Party Cookie SupportBrowser manufacturers are ending support of third-party cookies. Google Chrome is the most prominent example, with its third-party cookie deprecation program planned for the end of 2024.In our fourth and last installment of our blog series dedicated to the third-party cookie deprecation, we’ll glance over the definitive solutions you can implement for your application if it is affected: Cookies Having Independent State (CHIPS) and Storage Access API (SSA).As a reminder, our previous blog covered the deployment of the deprecation trial token. If your solution is affected, you must get active and deploy your deprecation trial token by the end of the grace period.If your custom domain was approved for a deprecation trial before July 1st 2024, the end of the grace period is set to August 30th, 2024.If your custom domain was approved on July 1st or after, you have 60 days starting from the date your custom domain was approved to deploy your deprecation trial token.Check out our blog and our dedicated step-by-step guide to get active now. Implementing CHIPS or SAABefore even considering CHIPS or SAA, make sure that you test your solution for breakage first. See our dedicated step-by-step guide for more information: Preparing and Testing Your Solution for Third-Party Cookie Deprecation.At SAP, we recommend implementing Cookies Having Independent State (CHIPS) or Storage Access API (SAA). Which solution you should apply depends entirely on your scenario and the context of your application. Both solutions have pros but also limitations you should be aware of. We’ve listed them in our full guide dedicated to these solutions.SAP has made changes to Approuter and SAP Authorization and Trust Management Service to make them CHIPS and SAA ready out of the box.  These components use a combination of CHIPS and SAA to negate the effects of third-party cookie deprecation.However, because SAP wants customers and partners to fully test their application or extension before making potential changes, customers and partners must still manually configure their application or extension if they are affected. That extra configuration step must be done by the application owner. See our full guide for detailed steps.If your application or extension uses these components and SAP cookies only, this configuration step is sufficient to make your application or extension ready.If your solution or extension uses either Approuter or SAP Authorization and Trust Management Service, and sets its own cookies, you must fully implement CHIPS and SAA. Our guide can help you decide what solution is the best for your scenario.Below is a brief recap of how both solutions work. Cookies Having Independent State (CHIPS)Partitioning cookies allows an embedded application to access cookies in its own third-party context. This solution is mostly suitable if the cookies are used for information that is only relevant in their respective context, e.g session cookies, application state, caches, etc…With cookie partitioning, a third-party service that sets a cookie when embedded in one top-level site cannot access that same cookie when the service is embedded in other top-level sites. Storage Access API (SAA)Storage Access API is a JavaScript API that allows iFrames to request storage access permissions when access would otherwise be denied by your browser settings. It also enables access to cookies in a third-party context the same way you would access them in a first-party context.Both solutions might require additional configuration depending on your application scenario. Check our full dedicated guide for more information. Further InformationThis is the final part of our blog series covering the third-party cookie deprecation:Are You Affected by the Third-Party Cookie Deprecation? How to test your solution for breakage? Full testing guide is now available: Preparing and Testing Your Solution for Third-Party Cookie Deprecation .How to handle deprecation trial tokens? Full deployment guide is now available: Getting and Applying a Deprecation Trial Token for the Third-Party Cookie DeprecationHow to prepare your application for the blockage of third-party cookies. Full implementation guide in now available: Implementing a Permanent Solution for the Third-Party Cookie Deprecation   Read More Technology Blogs by SAP articles 

#SAP

#SAPTechnologyblog

Avatar for

You May Also Like

More From Author

+ There are no comments

Add yours