Symantec Access Management

Hello everyone ,

I have a problem with my SSO for some reason we nedd to pass from domain scop 2 to a domain Scop 3

for exemple now we have cookies like .group.net we want to have .application.group.net !Using SAML between my SSo and the App

My question is is there a way so my webSSO will generate a cookie domain of 3 scop level ?

In an Agent Mode I know that this is done by changing the configuration in the ACO.
But i would like to do something so my SSo gives in general a domain scoop of 3

Thabk you for your help

Are you referring to Policy server by "SSO" here?

Please understand, Cookies are created by agent NOT policy server.

Now,on the agent side if you want to create 3 scope cookie domain, you will have to do following:

• Comment out the CookieDomain parameter or set it to blank
  
• Specify CookieDomainScope = 3
  

More here: https://docops.ca.com/ca-single-sign-on/12-52-sp1/en/configuring/web-agent-configuration/user-protection-and-tracking/siteminder-browser-cookies