response_cookie

Suggest Edits

Version: `v2025-01-13`	Includes use: Yes

Behavior name: Set Response Cookie

Set a cookie to send downstream to the client with either a fixed value or a unique stamp.

Default behavior

These samples reflect the behavior's default settings. You can use these as is in your configurations or make adjustments based on the behavior's available options.

data "akamai_property_rules_builder" "response_cookie" {
  rules_v2025_02_18 {
    name     = "Set Response Cookie"
    comments = "Sets a cookie to send downstream to the client with either a fixed value or a unique stamp."
    behavior {
      response_cookie {
        cookie_name    = ""
        enabled        = true
        type           = "FIXED"
        value          = ""
        default_domain = true
        default_path   = true
        expires        = "ON_BROWSER_CLOSE"
        same_site      = "DEFAULT"
        secure         = false
        http_only      = false
      }
    }
  }
}



"behaviors": [
  {
    "name": "responseCookie",
    "options": {
      "cookiename": "",
      "enabled": true,
      "type": "FIXED",
      "value": "",
      "defaultDomain": true,
      "defaultPath": true,
      "expires": "ON_BROWSER_CLOSE",
      "sameSite": "DEFAULT",
      "secure": false,
      "httpOnly": false
    }
  }
]

Options

Option	Description
`cookie_name`	String Specifies the name of the cookie, which serves as a key to determine if the cookie is set.
`enabled`	Boolean Allows you to set a response cookie.
`type`	Enum What type of value to assign. Value is one of: `FIXED`. Assign a `FIXED` value based on the `value` field. `UNIQUE`. Assign a unique value.
`value`	String \| Requires: `type` is `FIXED` The cookie value.
`format`	Enum \| Requires: `type` is `UNIQUE` Sets the date format. Value is one of: `AKAMAI`. Akamai format, which adds milliseconds to the date stamp. `APACHE`. Apache format.
`default_domain`	Boolean When enabled, uses the default domain value, otherwise the set specified in the `domain` field.
`default_path`	Boolean When enabled, uses the default path value, otherwise the set specified in the `path` field.
`domain`	String \| Requires: `default_domain` is `false` Sets the domain for which the cookie is valid. For example, `example.com` makes the cookie valid for that hostname and all subdomains.
`expires`	Enum Sets various ways to specify when the cookie expires. Value is one of: `ON_BROWSER_CLOSE`. Limit the cookie to the duration of the session. `FIXED_DATE`. Requires a corresponding `expiration_date` field value. `DURATION`. Requires a corresponding `duration` field value. `NEVER`. Let the cookie persist indefinitely.
`expiration_date`	String \| Requires: `expires` is `FIXED_DATE` If expires is set to `FIXED_DATE`, this sets when the cookie expires as a UTC date and time.
`expiration_date`	String \| Requires: `expires` is `DURATION` If expires is set to `FIXED_DATE`, this sets when the cookie expires as a UTC date and time.
`same_site`	Enum This option controls the `SameSite` cookie attribute that reduces the risk of cross-site request forgery attacks. Value is one of: `DEFAULT`. Send the `SameSite` cookie attribute. `NONE`. Send the cookie in all contexts if the `secure` option is enabled. `LAX`. Send the cookie also when the user navigates to a URL from an external site. `STRICT`. Send the cookie only to the same site that originated it.
`secure`	Boolean When enabled, sets the cookie's `Secure` flag to transmit it with `HTTPS`.
`http_only`	Boolean When enabled, includes the `HttpOnly` attribute in the `Set-Cookie` response header to mitigate the risk of client-side scripts accessing the protected cookie, if the browser supports it.

Updated about 1 hour ago