I have two rails apps both are connected to same database and hosted on same domain but with different subdomains.
App1 with backend code only and App2 with frontend code and it uses react-rails to add react components.
App2 uses an API token to connect with App1 that I have to pass through the react component. The safest way to do so according to me is an htttpOnly cookie. My question is how to share the cookie that I set in App2 with App1.
I have already tried setting the domain:all and tld_length: 2 in the session store, but it doesn't work.