Safari 13 and later block third-party cookies from iframe requests. When a Bubble app runs inside an iframe, the client-side workflow starts with one user ID, but the server can't read the cookie and sees no user. This mismatch prevents any workflow from completing successfully.
What you might notice
Workflows fail when your app is embedded in an iframe on Safari
The same app works correctly on other browsers or when not in an iframe
Workaround
Enable "Do not set cookies on new visitors by default" in Settings > General > Privacy & Security. This ensures both server and client treat the session as anonymous, resolving the mismatch.
Alternatively, ask end-users to enable cross-site tracking in their Safari settings — though this isn't the default and can't be controlled by you.
This is a browser-level restriction introduced by Safari's Intelligent Tracking Prevention (ITP) policy. You can read more in the documentation.