self-hosted kratos is not considering the cookie domain setting as per yml file #4501
bharath-maska
started this conversation in
Show and tell
Replies: 1 comment
-
|
The session cookie domain is global per Kratos config, not per flow; it shouldn't vary between password or OIDC flow. Can you provide full HTTP traces maybe? |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
I have a setting in yml file as
session.cookie.domain as ".abc.in".which should ideally set the cookie at subdomain level for all flows that could be email password login or OIDC.However for OIDC the cookie "ory_kratos_session" was set for .abc.in
for Email and password login flow cookie ("ory_kratos_session") was set for whole domain like example.abc.in
Beta Was this translation helpful? Give feedback.
All reactions