Eventually, we figured out to allow cookies for all cross site cookies & then it worked, but my website coder says it would be better if we could whitelist the site, that would be much better.
He thinks that’s what evil chrome is going to be doing when they come out with this in a month or two.
In Settings --> Privacy/Security --> Site/Shields settings --> Cookies, you can manually add sites to the Allow section, should should achieve what you’re trying to do.
The Shields panel in the address bar does this already – any time you change a sites Shields settings in the Shields panel in the address bar those changes are kept for that site only. So if you want to allow a specific site to send/receive cross-site cookies, open the Shields panel on that site and select Allow all cookies. This change will persist across sessions as well.
We have some Shields documentation that you may find useful as well: