Skip to main content

CheckSessionCookieOptions Class

Abblix.Oidc.Server

Abblix.Oidc.Server.Common.Configuration

CheckSessionCookieOptions Class

Defines options for the session check cookie used in monitoring changes in session status.

public record CheckSessionCookieOptions : System.IEquatable<Abblix.Oidc.Server.Common.Configuration.CheckSessionCookieOptions>

Inheritance System.Object → CheckSessionCookieOptions

Implements System.IEquatable<CheckSessionCookieOptions>

Properties

CheckSessionCookieOptions.Domain Property

The domain name where the cookie is available. Specifying the domain restricts where the cookie is sent. Leaving this value null means the cookie is sent to all subdomains.

public string? Domain { get; set; }

Property Value

System.String

CheckSessionCookieOptions.Name Property

The name of the cookie used to monitor session status changes. The default value is "Abblix.SessionId".

public string Name { get; init; }

Property Value

System.String

CheckSessionCookieOptions.Path Property

The path for the cookie. Can be set to the check_session_iframe endpoint path (e.g., "/connect/checksession") to ensure the cookie is only sent to that endpoint, or left as "/" for broader availability. The default value is "/" (root path).

public string Path { get; set; }

Property Value

System.String

CheckSessionCookieOptions.SameSite Property

The SameSite attribute for the cookie which asserts that a cookie must not be sent with cross-origin requests, providing some protection against cross-site request forgery attacks (CSRF). The default value is "None", which permits the cookie to be sent with cross-site requests. Valid options are "None", "Lax", and "Strict". Note: For OpenID Connect Session Management to work in modern browsers, SameSite must be "None" to allow the cookie to be accessed from the check_session_iframe running in cross-origin context.

public string SameSite { get; set; }

Property Value

System.String