Running VIP Authentication Hub, when login with a browser at the following page:

  domain.ssp.example.com

The browser gets a cookie named "SSPSESSION".  

In the same browser, when going to the same RP application, then, the browser gets redirected to the login page instead of accessing directly the RP application as it would be expected.

The SSPSESSION cookie gets created with the SameSite flag set to strict. Chrome and Firefox support that flag.

But the browser doesn't send the SSPSESSION cookie when reaching some host as the RP application:

  otherssp.example.com

Upgrade VIP Authentication Hub to 3.2 to get possibility to support for samesite cookie control on a per application basis.