🚀 Feature: Support SameSite cookie attribute #287

New Issue

Closed

opened 2025-10-08 00:01:45 +03:00 by OVERLORD · 2 comments

OVERLORD commented 2025-10-08 00:01:45 +03:00

Owner

Copy Link

Originally created by @adrianmace on GitHub.

Feature description

I want the ability for the session cookie to be set to SameSite: Lax so that I can authenticate to multiple sub-domains with a single request.

Pitch

In my use-case, I run multiple services behind a single sub-domain (*.something.example.com) and reverse proxy (Traefik). The result is app-1.something.example.com and app-2.something.example.com.

Currently Traefik intercepts all requests and authenticates them via Pocket-ID before processing the request further. This works, but authentication is happening once for each app/sub-domain I hit.

I want to authenticate once and have that persist for every app under the same sub-domain. This could be the default behaviour or an optional thing.

In Authentik SameSite: Lax is default behaviour, along with a 1 month cookie expiry time.

Originally created by @adrianmace on GitHub. ### Feature description I want the ability for the session cookie to be set to SameSite: Lax so that I can authenticate to multiple sub-domains with a single request. ### Pitch In my use-case, I run multiple services behind a single sub-domain (`*.something.example.com`) and reverse proxy (Traefik). The result is `app-1.something.example.com` and `app-2.something.example.com`. Currently Traefik intercepts all requests and authenticates them via Pocket-ID before processing the request further. This works, but authentication is happening once for each app/sub-domain I hit. I want to authenticate once and have that persist for every app under the same sub-domain. This could be the default behaviour or an optional thing. In Authentik SameSite: Lax **is default behaviour**, along with a 1 month cookie expiry time.

OVERLORD added the feature label 2025-10-08 00:01:45 +03:00

OVERLORD closed this issue 2025-10-08 00:01:46 +03:00

OVERLORD commented 2025-10-08 00:01:47 +03:00

Author

Owner

Copy Link

@adrianmace commented on GitHub:

This relates to #219

@adrianmace commented on GitHub: This relates to #219

OVERLORD commented 2025-10-08 00:01:48 +03:00

Author

Owner

Copy Link

@adrianmace commented on GitHub:

This is being set on my OIDC plugin for Traefik. Closing.

@adrianmace commented on GitHub: This is being set on my OIDC plugin for Traefik. Closing.

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

oidc-scopes

breaking/v2

i18n_crowdin

v2/use-item-component

default-env-db-keys

slog-gorm

v1.16.0

v1.15.0

v1.14.2

v1.14.1

v1.14.0

v1.13.1

v1.13.0

v1.12.0

v1.11.2

v1.11.1

v1.11.0

v1.10.0

v1.9.1

v1.9.0

v1.8.1

v1.8.0

v1.7.0

v1.6.4

v1.6.3

v1.6.2

v1.6.1

v1.6.0

v1.5.0

v1.4.1

v1.4.0

v1.3.1

v1.3.0

v1.2.0

v1.1.0

v1.0.0

v0.53.0

v0.52.0

v0.51.1

v0.51.0

v0.50.0

v0.49.0

v0.48.0

v0.47.0

v0.46.0

v0.45.0

v0.44.0

v0.43.1

v0.43.0

v0.42.1

v0.42.0

v0.41.0

v0.40.1

v0.40.0

v0.39.0

v0.38.0

v0.37.0

v0.36.0

v0.35.6

v0.35.5

v0.35.4

v0.35.3

v0.35.2

v0.35.1

v0.35.0

v0.34.0

v0.33.0

v0.32.0

v0.31.0

v0.30.0

v0.29.0

v0.28.1

v0.28.0

v0.27.2

v0.27.1

v0.27.0

v0.26.0

v0.25.1

v0.25.0

v0.24.1

v0.24.0

v0.23.0

v0.22.0

v0.21.0

v0.20.1

v0.20.0

v0.19.0

v0.18.0

v0.17.0

v0.16.0

v0.15.0

v0.14.0

v0.13.1

v0.13.0

v0.12.0

v0.11.0

v0.10.0

v0.9.0

v0.8.1

v0.8.0

v0.7.1

v0.7.0

v0.6.0

v0.5.3

v0.5.2

v0.5.1

v0.5.0

v0.4.1

v0.4.0

v0.3.1

v0.3.0

v0.2.1

v0.2.0

v0.1.3

v0.1.2

v0.1.1

v0.1.0

Labels

Clear labels

breaking

bug

documentation

feature

needs more upvotes

open to pull requests

pull-request

Mirrored from GitHub Pull Request

No Label feature

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/pocket-id-pocket-id-1#287