---
title: Enable Multivalue for Pre-Authn Cookie
description: Web agent uses the pre-authentication cookie agent-authn-tx to track the progress of authentication with AM and protect the request from replay attacks.
component: web-agents
version: 2025.11
page_id: web-agents:properties-reference:org.forgerock.openam.agents.config.multivalue.pre.authn.cookies
canonical_url: https://docs.pingidentity.com/web-agents/2025.11/properties-reference/org.forgerock.openam.agents.config.multivalue.pre.authn.cookies.html
---

# Enable Multivalue for Pre-Authn Cookie

Web agent uses the pre-authentication cookie `agent-authn-tx` to track the progress of authentication with AM and protect the request from replay attacks.

When this property is `true`, the agent creates a single cookie containing records to identify all concurrent authentication requests to AM.

In environments with lots of concurrent requests, or where the protected URLs are long, the cookie can reach the maximum size supported by the browser. When this happens, new authentication requests fail and the agent issues a 403 HTTP message to the user.

When this property is `false`, the agent creates a pre-authentication cookie for each authentication request to AM, with the name of `agent-authn-tx-string`.

In some environments, this will create a large number of cookies. If you have tests in your environment that make multiple requests to AM from the same browser, you may find intermittent 403 HTTP messages; browsers and have a limit of how many cookies they can handle.

Something similar happens to web servers; they have a limit of how many headers (cookies) they can manage at one time. Set the property to `true` if you find that creating too many cookies is having an impact on your environment.

Default: `false`

|                    |                                                                                                 |
| ------------------ | ----------------------------------------------------------------------------------------------- |
| Property name      | `org.forgerock.openam.agents.config.multivalue.pre.authn.cookies`   Introduced in Web Agent 5.7 |
| Function           | Cookies                                                                                         |
| Type               | Boolean: `true` returns true; all other strings return `false`.                                 |
| Bootstrap property | Yes                                                                                             |
| Required property  | No                                                                                              |
| Restart required   | No                                                                                              |
| AM console         | Tab: `SSO (From AM 7)`Title: `Enable Multivalue for Pre-Authn Cookie`                           |