Third-Party Cookies Chrome Phaseout

When testing for the Third-Parth Cookies Phasehout which Chrome announced (, I noticed that the cookies are not being send to our API.

What I’m trying is:

We authorize via t.authorize with our endpoint, which works

When trying to go to card-buttons and make an API call to our app (via ajax), we get an unauthrized warning from our app, since the cookies are missing in the request.

When I disable the Chrome Flag which I enabled for testing and I make a request, it works and I’m authenticated by my API and I do see the cookies in the request.

This seems like it will break all Trello powerups. Am I missing something, is there a workaround in development right now?

Take a look at Trello’s JWT implementation t.jwt(opts)
This lets you secure comms between your power-up and your server by passing the JWT from Trello, which you can then validate on your server. This can let you then match the Trello user to a user in your tool.