Set Persistent Cookie node
Creates the specified persistent cookie, the default being session-jwt
.
The cookie contains a JWT with a JSON payload including information such as the UID of the identity, and the client IP address.
The node encrypts the payload of the JWT. It uses the key pair specified in Native Consoles > Access Management > Realms > Realm Name > Authentication > Settings > Security > Persistent Cookie Encryption Certificate Alias.]
Compatibility
Product | Compatible? |
---|---|
ForgeRock Identity Cloud |
Yes |
ForgeRock Access Management (self-managed) |
Yes |
ForgeRock Identity Platform (self-managed) |
Yes |
Inputs
When the authentication tree completes successfully, the CreatePersistentCookieTreeHook
treehook
for this node uses session properties to create the persistent cookie.
Configuration
Property | Usage | ||
---|---|---|---|
Idle Timeout |
The maximum amount of idle time allowed before the persistent cookie is invalidated, in hours. If no requests are received before the timeout, the cookie is no longer valid. |
||
Max life |
The length of time the persistent cookie remains valid, in hours. After this time has passed, the cookie is no longer valid. |
||
Use Secure Cookie |
When enabled, adds the If the |
||
Use HTTP Only Cookie |
When enabled, adds the When the |
||
HMAC Signing Key |
A key to use for HMAC signing of the persistent cookie. Values must be base64-encoded and at least 256 bits (32 bytes) long. To generate an HMAC signing key, run one of the following commands:
or
|
||
Persistent Cookie Name |
The name used for the persistent cookie. |
Outputs
The node stores the cookie name in the session properties.
The node adds the CreatePersistentCookieTreeHook
treehook, which runs when the tree completes.
Errors
The node logs the following warning messages:
-
Unable to create signing key from provided configuration.
The node logs the following error messages:
-
Tree hook creation exception
-
No signing keys available to sign JWT
-
Error creating jwt string
Example
Refer to the Persistent Cookie Decision node example.