Connectors

Cookie Connector

The Cookie connector lets you set and retrieve session cookies in your PingOne DaVinci flow.

Setup

Resources

For more information and setup help, see the following:

Add the connector in DaVinci as shown in Adding a connector, then configure it as follows.

Connector configuration

HMAC Signing Key

The Base64-encoded, 256-bit key that the connector uses to sign the session cookies. This prevents unauthorized agents from gaining access by guessing a session ID.

To use this, enable the Sign Cookies with HMAC Key option in the Set a Session Cookie capabilities.

Using the connector in a flow

The connector has two capabilities that allow you to set session cookies:

  • Set a Session Cookie

  • Set a Session Cookie (Non-User)

These two capabilities are identical, except the Non-User variant doesn’t require a user to already have been identified in the flow.

No special configuration is needed. Add the capability and populate its properties according to the help text.

You can include custom claims in the session cookie. In the Session Cookie Custom Claims section, click Field, select a claim from the list, and enter a value. To delete a custom claim from the list, click Edit.

The connector has two capabilities that allow you to read existing session cookies:

  • Check a Session Cookie

  • Check a Session Cookie (Non-User)

No special configuration is needed. Add the capability and populate its properties according to the help text.

Capabilities

Set Session Cookie

Sets an opaque session cookie so that the user is not asked to authenticate again during the flow.

Show details
cookieName textField
useSecureCookie toggleSwitch
useHttpOnlyCookie toggleSwitch
cookieExpiresInSeconds textField
cookieDomain textField
Cookie Path textField

The path where the cookie will be accessible

cookieSameSite dropDown
signCookie toggleSwitch
setCookieClientSide toggleSwitch
claimsNameValuePairsSessionCookie selectNameValueListColumn
useSessionTokenFlag toggleSwitch
sessionToken textField

Check Session Cookie

Determine if a session cookie exists in the flow. If it exists, continue with the flow, or ask the user to provide additional authentication information.

Show details
cookieName textField
enforceClientIP toggleSwitch
enforceFlowIdMatch toggleSwitch
Resolve to User toggleSwitch

Attempt to resolve cookie to a user, which will then be available in {{global.userInfo}} parameter

Set Session Cookie (Non User)

Set an opaque session cookie with a set of custom claims.

Show details
cookieName textField
useSecureCookie toggleSwitch
useHttpOnlyCookie toggleSwitch
cookieExpiresInSeconds textField
cookieDomain textField
Cookie Path textField

The path where the cookie will be accessible

cookieSameSite dropDown
signCookie toggleSwitch
setCookieClientSide toggleSwitch
claimsNameValuePairsSessionCookie selectNameValueListColumn
useSessionTokenFlag toggleSwitch
sessionToken textField

Check Session Cookie (Non User)

Check if a specific session cookie exists and retrieve the custom claims for decision-making purposes.

Show details
cookieName textField
enforceClientIP toggleSwitch
enforceFlowIdMatch toggleSwitch