To read or write cookies, an app that's embedded in Shopify POS needs to be in a first-party context, which means that it has no parent. When your app calls ShopifyPOS.init, it is pulled into a third-party context because Shopify is the parent of your view. In this third-party context, your app can't read or write cookies.

After the first time that your app calls ShopifyPOS.init, your app might be automatically pulled into a third-party context on consecutive views. To read or write cookies, you need to temporarily escape that third-party context by using ShopifyPOS.remoteRedirect.

You can use JavaScript to check your app's context, and then call ShopifyPOS.remoteRedirect (if necessary):

if (window.top == window.self) {
  // First-party context

  // Set or read cookies

  // Initialize ShopifyPOS when you're done
  ShopifyPOS.init({
    apiKey: apiKey,
    shopOrigin: shopOrigin
  });
} else {
  // Third-party context

  // Set or read cookies at your first-party view, and then redirect back into the first-party context from there
  ShopifyPOS.remoteRedirect('https://app-domain.com/set-cookies');
}