Signing in users with external identities from Safari and Brave is not working. The workaround for Safari is to disable Prevent cross-site tracking in the setting menu. There is another option using gcloud iap settings set as explained in https://cloud.google.com/sdk/gcloud/reference/iap/settings/set, I tried it but I am getting this error: FAILED_PRECONDITION: Precondition check failed.
I also tried to follow the steps in https://quabr.com/59905271/how-do-you-enable-cors-requests-to-a-google-compute-engine-iap-enabled-load-bala and I get a similar error.