We have a user who is unable to even reach our app landing page. Upon arrival, they get a 403 error from /realms/customers/protocol/openid-connect/3p-cookies/step1.html. No other user, so far, is getting this error. We all get a success 200.
Taking a look at the contents of that file reveals it very simply tries to determine if the user supports third party cookies. I’ve tried disabling them in my various browsers, yet it still works. What would cause such a simple html page to throw a 403 error for one user?