Set Custom Cookie node

The Set Custom Cookie node lets you store a custom cookie on the client in addition to the session cookie.

The node uses the specified properties to create a cookie with a custom name and value. It can also set attributes, such as the cookie path, domain, expiry, and security flags.

Use this node with the Configuration Provider node to extend custom capabilities. For example, create a Config Provider script to set custom static values or access values from the shared node state.

Include all the attributes in the configuration provider script’s config map. The following example sets the attributes of the custom cookie to static values:

config = {
    "name": "testname",
    "value": "testvalue",
    "maxAge": "60",
    "domain": "am.example.com",
    "path": "/",
    "useSecureCookie": false,
    "useHttpOnlyCookie": false,
    "sameSite": "LAX"
};

Reference the script when you create a Configuration Provider node, and set the Node Type to Set Custom Cookie:

Configuration Provider node referencing this node

Example

This example uses this node in a login flow. The node sets the custom cookie in the client browser after the user has successfully authenticated:

Availability

Product	Available?
PingOne Advanced Identity Cloud	Yes
PingAM (self-managed)	Yes
Ping Identity Platform (self-managed)	Yes

Product

Available?

PingOne Advanced Identity Cloud

Yes

PingAM (self-managed)

Yes

Ping Identity Platform (self-managed)

Yes

Inputs

This node reads the user data from the shared node state.

It requires a predecessor node that gathers the user data.

Dependencies

Make sure the user can successfully authenticate and get a session.

If this node is added to a no session journey or the noSession query parameter is used during authentication, the journey will fail.

Configuration

Property Usage

Property	Usage
Custom Cookie Name (required)	The name of the custom cookie. The cookie name can contain any US-ASCII characters except for: space, tab, control, or a separator character (`()<>@,;:"/[]?=\{}`).
Custom Cookie Value (required)	The value of the custom cookie.
Max Age	The length of time the custom cookie remains valid, in seconds. If that time is exceeded, the cookie is no longer valid. Advanced Identity Cloud sets the `Max-Age` and `Expires` attributes in the cookie to increase compatibility with different browsers. If omitted, the cookie expires at the end of the current session. The precise implementation of this is determined by the specific browser. Refer to RFC 6265 for details.
Custom Cookie Domain	The domain the custom cookie will be sent to. If you specify a value here, Advanced Identity Cloud sets a domain cookie. For example, if you set this property to `am.example.com`, Advanced Identity Cloud sets a cookie on `.am.example.com`. Note the leading `.` indicating a domain cookie rather than a host cookie. If you don’t set a value here, Advanced Identity Cloud sets a host level cookie on the FQDN on which the client accessed Advanced Identity Cloud. For example, if the client accesses Advanced Identity Cloud at `https://am.example.com` and this property is empty, Advanced Identity Cloud sets a host cookie on `am.example.com`.
Custom Cookie Path	The path of the custom cookie.
Use Secure Cookie	When enabled, adds the `Secure` flag to the custom cookie. If you include the `Secure` flag, the cookie can only be transferred over HTTPS. When a request is made over HTTP, the cookie isn’t made available to the application.
Use HTTP Only Cookie	When enabled, adds the `HttpOnly` flag to the custom cookie. If you include the `HttpOnly` flag, the cookie isn’t accessible to scripts.
Custom Cookie SameSite attribute	Sets the `SameSite` attribute of the custom cookie. The default value is `LAX`, to align with most modern browsers.

Custom Cookie Name (required)

The name of the custom cookie.

The cookie name can contain any US-ASCII characters except for: space, tab, control, or a separator character (()<>@,;:"/[]?=\{}).

Custom Cookie Value (required)

The value of the custom cookie.

Max Age

The length of time the custom cookie remains valid, in seconds. If that time is exceeded, the cookie is no longer valid.

Advanced Identity Cloud sets the Max-Age and Expires attributes in the cookie to increase compatibility with different browsers.

If omitted, the cookie expires at the end of the current session. The precise implementation of this is determined by the specific browser. Refer to RFC 6265 for details.

Custom Cookie Domain

The domain the custom cookie will be sent to. If you specify a value here, Advanced Identity Cloud sets a domain cookie. For example, if you set this property to am.example.com, Advanced Identity Cloud sets a cookie on .am.example.com. Note the leading . indicating a domain cookie rather than a host cookie.

If you don’t set a value here, Advanced Identity Cloud sets a host level cookie on the FQDN on which the client accessed Advanced Identity Cloud. For example, if the client accesses Advanced Identity Cloud at https://am.example.com and this property is empty, Advanced Identity Cloud sets a host cookie on am.example.com.

Custom Cookie Path

The path of the custom cookie.

Use Secure Cookie

When enabled, adds the Secure flag to the custom cookie.

If you include the Secure flag, the cookie can only be transferred over HTTPS. When a request is made over HTTP, the cookie isn’t made available to the application.

Use HTTP Only Cookie

When enabled, adds the HttpOnly flag to the custom cookie.

If you include the HttpOnly flag, the cookie isn’t accessible to scripts.

Custom Cookie SameSite attribute

Sets the SameSite attribute of the custom cookie.

The default value is LAX, to align with most modern browsers.

Outputs

This node doesn’t change the shared state.

Outcomes

Single outcome path.

The cookie is created when Advanced Identity Cloud next returns to the client.

Errors

This node doesn’t log any error or warning messages of its own.

Authentication nodes