PREREQUISITES: You must have installed SSL on your site and you must have configured all backend pages to require SSL.
For more information, see Administration: Configure SSL.
The .AspNet.Cookies is the cookie of the relaying party. The cookie of the STS depends on the protocol you use. It is one of the following:
To configure the security of the Relying party .AspNet.Cookies cookie, perform the following:
In OpenId Connect, the Security Token Service cookie idsrv is always configured as SameAsRequest.
To secure the STS cookie in WRAP/SWT, perform the following:
<authentication mode="None" />
The .SFAUTH is the cookie connected to Forms authentication.
To secure the .SFAUTH cookie, perform the following:
Back To Top