Java Policy Agents 2024.3

Post Data Preservation Cookie Name

The name of the Post Data Preservation cookie. This cookie maintains the security of the data in unauthenticated POST requests. It contains a unique one-time code which is cross-checked against the stored data making it extremely difficult for malicious actors to replay the stored data for other users.

Since Java Agent 5.10, there is the option of creating one cookie for all concurrent PDP requests, or alternatively to have one uniqely named cookie per request.

If you have tests in your environment that make multiple PDP requests to the agent, you may find intermittent failures as browsers can limit how many cookies they handle.

Configure the cookie name as follows:

  • To use one cookie for all concurrent PDP requests to AM, configure as a string. For example,

  • To use one cookie for each authentication request to AM, configure as %n before, in the middle, or after a string. When the agent creates the cookie, it substitutes %n for a unique identifier. For example:





The agent compresses and then signs the cookie.

Property name

  Introduced in Java Agent 5.10.0
  Recognized from AM 7.1


Cookie, POST data preservation





Bootstrap property


Required property


Restart required


Local configuration file

Copyright © 2010-2024 ForgeRock, all rights reserved.