Cookies

cookies

HTTP Cookie Configuration

Configuration for HTTP cookies used to maintain User-Agent state throughout the authorization flow. These settings conform to the cookies module interface specification. The maxAge and expires properties are ignored; cookie lifetimes are instead controlled via the ttl.Session and ttl.Interaction configuration parameters.

---

cookies.long

Options for long-term cookies.

default value:

{
  httpOnly: true,
  sameSite: 'lax'
}

---

cookies.names

Specifies the HTTP cookie names used for state management during the authorization flow.

default value:

{
  interaction: '_interaction',
  resume: '_interaction_resume',
  session: '_session'
}

---

cookies.short

Options for short-term cookies.

default value:

{
  httpOnly: true,
  sameSite: 'lax'
}

---