Go to new doc!

+49 228 5552576-0




Can be used in

spring:beans, bean and oauth2Resource2


Name Required Default Description Example
domain false -
expiresAfterSeconds false -
httpOnly false -
issuer false -
sameSite false -
secure false false forces secure cookie attribute even when no ssl context is present (e.g. TLS termination in front of membrane)
sessionCookie false false if true removes the expire part of a set cookie header and thus makes it a session cookie
ttlExpiryRefreshOnAccess false true controls if the expiry refreshes to expiresAfterSeconds on access (true) or if it should not refresh (false)