Skip to main content

Securing HTTP Cookies Created by App Portal

If your App Portal website is running under HTTPS binding (https:// is visible in the URL), then you need to make a configuration change so that HTTP cookies will only be transmitted under HTTPS communication.

To secure HTTP cookies created by App Portal:

  1. Locate the following file on your App Portal Website server:

    [App Portal Installation Location]\web\web.config

  2. Open the web.config file (as an Administrator) in a text editor.

  3. In the <httpCookies> element, change the value of the requireSSL parameter from false to true:

    <httpCookies httpOnlyCookies="true" requireSSL="true" />
info

If your organization is using HTTP binding (http:// is visible in the URL), then the requireSSL parameter must remain set to false.