topic SAML cookies and global protect cookies in GlobalProtect Discussions https://live.paloaltonetworks.com/t5/globalprotect-discussions/saml-cookies-and-global-protect-cookies/m-p/558233#M4387 <P>Hi,</P> <P>&nbsp;</P> <P>If I am using SAML authentication on my portal and gateway what is the best practice around Authentication cookies override.</P> <P>When using SAML my user will be prompted via the default browser 2 times ones for the portal and ones for the gateway.</P> <P>I read that you can overcome this by generating a cookie on the portal an accept on the gateway is this correct. &nbsp;<A href="https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000HBMdCAO&amp;lang=en_US%E2%80%A9" target="_blank">https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000HBMdCAO&amp;lang=en_US%E2%80%A9</A></P> <P>If I don't use any cookies how long will the session remain active if I am using Azure AD as an IDP?</P> <P><A href="https://learn.microsoft.com/en-us/azure/active-directory/develop/configurable-token-lifetimes" target="_blank">https://learn.microsoft.com/en-us/azure/active-directory/develop/configurable-token-lifetimes</A></P> <P>I believe 1 hour will be the case.<BR />What is the best practice around SAML and authentication cookies override. &nbsp;Should u use it or not?</P> <P>&nbsp;</P> Sun, 17 Sep 2023 08:35:31 GMT GOMEZZZ 2023-09-17T08:35:31Z SAML cookies and global protect cookies https://live.paloaltonetworks.com/t5/globalprotect-discussions/saml-cookies-and-global-protect-cookies/m-p/558233#M4387 <P>Hi,</P> <P>&nbsp;</P> <P>If I am using SAML authentication on my portal and gateway what is the best practice around Authentication cookies override.</P> <P>When using SAML my user will be prompted via the default browser 2 times ones for the portal and ones for the gateway.</P> <P>I read that you can overcome this by generating a cookie on the portal an accept on the gateway is this correct. &nbsp;<A href="https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000HBMdCAO&amp;lang=en_US%E2%80%A9" target="_blank">https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000HBMdCAO&amp;lang=en_US%E2%80%A9</A></P> <P>If I don't use any cookies how long will the session remain active if I am using Azure AD as an IDP?</P> <P><A href="https://learn.microsoft.com/en-us/azure/active-directory/develop/configurable-token-lifetimes" target="_blank">https://learn.microsoft.com/en-us/azure/active-directory/develop/configurable-token-lifetimes</A></P> <P>I believe 1 hour will be the case.<BR />What is the best practice around SAML and authentication cookies override. &nbsp;Should u use it or not?</P> <P>&nbsp;</P> Sun, 17 Sep 2023 08:35:31 GMT https://live.paloaltonetworks.com/t5/globalprotect-discussions/saml-cookies-and-global-protect-cookies/m-p/558233#M4387 GOMEZZZ 2023-09-17T08:35:31Z Re: SAML cookies and global protect cookies https://live.paloaltonetworks.com/t5/globalprotect-discussions/saml-cookies-and-global-protect-cookies/m-p/1253355#M7360 <P><A href="https://live.paloaltonetworks.com/t5/general-topics/gp-with-saml-authentication-always-redirects-to-idp/td-p/1253343" target="_blank">https://live.paloaltonetworks.com/t5/general-topics/gp-with-saml-authentication-always-redirects-to-idp/td-p/1253343</A></P> Thu, 30 Apr 2026 17:29:56 GMT https://live.paloaltonetworks.com/t5/globalprotect-discussions/saml-cookies-and-global-protect-cookies/m-p/1253355#M7360 TomYoung 2026-04-30T17:29:56Z