PingFederate identifies persistent authentication sessions by their respective PF.PERSISTENT cookie. By default, the PF.PERSISTENT cookie is set without domain information in the HTTP header; for example:
Set-Cookie:
PF.PERSISTENT=UoBlPlf16V2oYAEPot2DnpUOXxitK7au;Path=/;Expires=Sat, 06-Nov-2021
00:48:08 GMT;Max-Age=94608000;Secure;HttpOnly
As needed, you may configure PingFederate to return the Set-Cookie HTTP header with domain information.
Once this change is activated, PingFederate includes domain information in its Set-Cookie HTTP header; for example:
Set-Cookie:
PF.PERSISTENT=tOYwPM7VFMeluUyeu0EKQLL0DCJyVOqG;Path=/;Domain=.example.com;Expires=Sat,
06-Nov-2021 01:00:34 GMT;Max-Age=94608000;Secure;HttpOnly