Skip to main content

Securing HTTP Cookies Created by App Portal

If your App Portal website is running under HTTPS binding (https:// is visible in the URL), then you need to make a configuration change so that HTTP cookies will only be transmitted under HTTPS communication.

To secure HTTP cookies created by App Portal:

  1. Locate the following file on your App Portal Website server:
[App Portal Installation Location]\web\web.config
  1. Open the web.config file (as an Administrator) in a text editor.
  2. In the <httpCookies> element, change the value of the requireSSL parameter from false to true:
<httpCookies httpOnlyCookies="true" requireSSL="true" />
info

If your organization is using HTTP binding (http:// is visible in the URL), then the requireSSL parameter must remain set to false.