Cookie domains
Advanced Identity Cloud lets you configure the cookie domains of your custom domains so you can control which applications have access to the cookies you create.
By default, when you add a custom domain to an environment, no cookie domain is set for it. You must explicitly configure its cookie domain to suit your deployment. You can configure it in these ways:
-
Set it to use a single subdomain (for example,
sso.mycompany.co.uk). This ensures cookies can be set or modified only by applications running on that subdomain. -
Set it to use more than one subdomain. This lets you set cookies on one subdomain (for example,
sso.mycompany.co.uk) but makes them available to an application running on a different subdomain (for example,banking.mycompany.co.uk). -
Set it to use a domain (for example,
mycompany.co.uk). This lets you set cookies at the domain level so they’re available to legacy applications yet to be migrated to Advanced Identity Cloud.
Learn how to set cookie domains in Manage cookie domains using the API.
| Advanced Identity Cloud always writes cookies to the default tenant environment FQDN of each of your environments. This is not configurable to ensure you retain access to your environments. |