By default, the Mixpanel cookies work across domains and subdomains, but Mixpanel does not automatically track across those domains.
However, if your site is hosted on a domain like Heroku (or similar - see a complete list of affected domains) with a URL like XYZ.herokuapp.com, cross-subdomain cookies are not allowed for security reasons. With Mixpanel default settings on these sites, users' distinct IDs will be reset to a new $distinct_id on each page load. This will cause issues with Mixpanel reports, namely broken Retention reports and Funnels.
To resolve the issue on sites that don't allow cross-subdomain cookies:
The default cross_subdomain_cookie config is set to true in your mixpanel.init function, which will allow your subdomain's cookie to be stored and keep the Mixpanel distinct ID and super properties consistent across the sub-domain:
Or, use a CNAME to change from yourdomain.herokuapp.com to yourdomain.com.