Hi @rp_st & @nkshah2 , We are using supertoken web js version no - 0.8.0 and below are our domain and api url. Cookie Name - .xyz.co.in API URL Name - https://abc.xyz.co.in However we are facing the issue where the cookie domain is created SAccessToken with domain https://abc.xyz.co.in. We really dont know how exactly this is happening as entire cookie management is done by SuperToken. Would really appreciate if you can help us?

hey @nilesh_97911 cookieDomain is a backend config. Are you setting it on the backend or frontend?

We are setting CookieDomain at backend. and during initialisation at front we are passing this CookieDomain. Session.init({ sessionTokenBackendDomain: API_COOKIE_DOMAIN })

right, and what behaviour are you seeing?

@rp We confirm that undefined is not set, Proper value has been assigned. The senario that we are seeing, When we signout using superToken method. SuperToken clear all cookies, except cookie generated(sAccessToken) With Domain "abc.xyz.co.in" Due to this, When different user try to login SuperToken usages already existed (sAccessToken) and we are seeing abnormal behaviour.

the cookieDomain for it should never be abc.xyz.co.in, unless you had a previous session with a different cookieDomain value