Skip to page contentSkip to chat
ServiceNow support
    • Community
      Ask questions, give advice, and connect with fellow ServiceNow professionals.
      Developer
      Build, test, and deploy applications
      Documentation
      Find detailed information about ServiceNow products, apps, features, and releases.
      Impact
      Accelerate ROI and amplify your expertise.
      Learning
      Build skills with instructor-led and online training.
      Partner
      Grow your business with promotions, news, and marketing tools
      ServiceNow
      Learn about ServiceNow products & solutions.
      Store
      Download certified apps and integrations that complement ServiceNow.
      Support
      Manage your instances, access self-help, and get technical support.
Sharing cookie between 2 domains - Support and Troubleshooting
  • >
  • Knowledge Base
  • >
  • Support and Troubleshooting (Knowledge Base)
  • >
  • Sharing cookie between 2 domains
KB0787412

Sharing cookie between 2 domains


3050 Views Last updated : Apr 8, 2024 public Copy Permalink
KB Summary by Now Assist

Issue

We have 2 URLs https://aaaa.com https://bbbb.com Both are pointing to the same instance (for example, one to the old CMS the other to the Service Portal).

 

Customers could want to achieve the functionality to help user’s login to one domain if they are logged on to the other and vice versa.

Release

All releases

Cause

ServiceNow does not support sharing cookies between instances, even if it is possible as it could be unsafe for our customers to read cookies between all instances.

Resolution

Just in case, if it is needed to share cookies across subdomains it is required need to scope the cookie at the domain level (e.g. .example.com). It applies when you want the cookie is available to all the subdomains of .example.com

Most modern browsers adhere to a defined "web security model". The model effectively governs the behaviour of browsers with regards to security, on things like cookies (specifically how they will be sent back to any given website). The model also has the rule that "browsers don't send cookies to domain names that didn't set them."

That being said, domain.com should be able to set cookies for js.domain.com. js.domain.com, however, can only set cookies for itself. But this is all depending on what browser you're using.

Additionally, if you want to create a simple authentication portal to pass an unencrypted HTTP header as a cookie. Here is official documentation link:

https://docs.servicenow.com/csh?topicname=r_ASPNETCSharpRdrctCks.html&version=latest

 

 


The world works with ServiceNow.

Sign in for more! There's more content available only to authenticated users Sign in for more!
Did this KB article help you?
Did this KB article help you?

How would you rate your Now Support digital experience?

*

Very unsatisfied

Unsatisfied

Neutral

Satisfied

Very satisfied

Very unsatisfied

Unsatisfied

Neutral

Satisfied

Very satisfied

What can we improve? Please select all that apply.

What are we doing well? Please select all that apply.

Tell us more

*

Do you expect a response from this feedback?

  • Terms and conditions
  • Privacy statement
  • GDPR
  • Cookie policy
  • © 2025 ServiceNow. All rights reserved.