Enable HTTP Only Cookies

Http Only

When true, cookies are flagged as HTTPOnly. Use this property to prevent scripts and third-party programs from accessing the cookies.

Property name

com.sun.identity.cookie.httponly

Property aliases

com.sun.identity.cookie.httponly (since 5.0)

Type

Boolean: true returns true; all other strings return false.

Default

true

Bootstrap property

No

Required property

No

Restart required

No

Local configuration file

AgentConfig.properties

AM console tab

SSO