AspNet Core Identity, how set options.Cookie.SameSite?

Question

In the latest templates and libraries used httpsonly flag. How can I turn it off?

This same question is outdated and it did not have full configuration sample:

Answer 1

In order to configure the application cookie when using Identity, you can use the ConfigureApplicationCookie method inside your Startup’s ConfigureServices:

// add identity
services.AddIdentity();

// configure the application cookie
services.ConfigureApplicationCookie(options =>
{
    options.Cookie.SameSite = SameSiteMode.None;
});

Since Identity essentially adds cookie authentication under the hood, this is the configure action is the same thing you would normally pass to AddCookie() when configuring cookie authentication. It’s just that since AddIdentity() takes care of setting up authentication for you, the ConfigureApplicationCookie offers a way to adjust the cookie authentication options afterwards.