AuthCookieDomain Setting

system · February 19, 2025, 9:05am

Having some trouble with using the AuthCookieDomain setting in v13.5.2

We have our backoffice on a subdomain like this: backoffice.domain.com

The app settings are as follows:

"Umbraco": {
  "CMS": {
    "ModelsBuilder": {
      "ModelsMode": "Nothing",
      "ModelsDirectory": "~/App_Data/Models"
    },
    "RuntimeMinification": {
      "useInMemoryCache": true,
      "cacheBuster": "Timestamp"
    },
    "Security": {
      "AuthCookieDomain": ".domain.com"
    }
  }
},

When I log into the backoffice, I can see the domain for the UMB_UCONTEXT cookie is set to .domain.com but all the others are still setting to backoffice.domain.com:

UMB-XSRF-TOKEN
UMB-XSRF-V
UMB_SESSION
UMB_UPDCHK

Is there something I’ve missed that would make sure these cookies are being set with the correct domain?

Thanks,
Alex

This is a companion discussion topic for the original entry at https://our.umbraco.com/forum/115273-authcookiedomain-setting