This incident has been resolved.
Why did it happen?
Flexpa released a fix to accommodate a scenario where some payer authentication flows were incompatible with Safari. However the fix, which uses cookies to handle communication between Flexpa Link and Flexpa API, introduced a bug which was undetectable in the development environment because the development environment shares the same domain across services.
How do we prevent it in the future?
- Broaden test suite across browsers. Safari, Chrome, Firefox etc.
- Test across multiple domains in the development environment
