Interface CookieConfig

Configure how the session cookie and transient cookies are stored.

Hierarchy

  • CookieConfig

Properties

domain? httpOnly path? sameSite secure? transient

Properties

Optional domain

domain?: string

Domain name for the cookie. You can also use the AUTH0_COOKIE_DOMAIN environment variable.

httpOnly

httpOnly: boolean

Flags the cookie to be accessible only by the web server. Defaults to true. You can also use the AUTH0_COOKIE_HTTP_ONLY environment variable.

Optional path

path?: string

Path for the cookie. Defaults to /. You should change this to be more restrictive if you application shares a domain with other apps. You can also use the AUTH0_COOKIE_PATH environment variable.

sameSite

sameSite: "lax" | "strict" | "none"

Value of the SameSite Set-Cookie attribute. Defaults to lax but will be adjusted based on response_type. You can also use the AUTH0_COOKIE_SAME_SITE environment variable.

Optional secure

secure?: boolean

Marks the cookie to be used over secure channels only. Defaults to the protocol of baseURL. You can also use the AUTH0_COOKIE_SECURE environment variable.

transient

transient: boolean

Set to true to use a transient cookie (cookie without an explicit expiration). Defaults to false. You can also use the AUTH0_COOKIE_TRANSIENT environment variable.

Settings

Member Visibility

Theme

On This Page