To make authentication cookies work beyond the 7-day expiry on Safari, classify them as first-party cookies by ensuring the subdomain and domain resolve to the same IP addresses, which can be complex in a Decoupled Frontend & Backend Architecture.
A solution is to add a dynamic endpoint to the frontend that sets the authentication cookie on the frontend domain then use that cookie on the backend subdomain, ensuring cookies are shared across subdomains to maintain authentication.
Consider various security measures like using `SameSite=Strict` to protect against CSRF and being cautious about running only trusted code on subdomains when implementing this method.