envoyproxy / gateway

Manages Envoy Proxy as a Standalone or Kubernetes-based Application Gateway
https://gateway.envoyproxy.io
Apache License 2.0

Add note to OIDC auth docs concerning cookie name changes and browser behavior #4721

Closed rianbogleagility closed 6 days ago

rianbogleagility commented 1 week ago

Description:

Changing cookieName or cookieDomains on an existing OIDC configuration will cause browsers to retain multiple cookies, which may cause conflicting or confusing behavior in the browser after the change. In the case of changing the cookie domain, the more specific cookie domain name will always take precedence and potentially override and hide the newly issued, more general cookie domain name. A note that indicates users should ensure ALL cookies for a domain and its subdomains (visible or not) are deleted when applying cookie naming changes may help in testing that the configuration is behaving as intended.
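The following is an added example, not part of the original issue and not Envoy Gateway code: a simplified model of browser cookie storage per RFC 6265 that shows why a cookie issued before a domain change is still sent next to the newly issued one. The hosts, the cookie name `IdToken` and the values are constructed placeholders, and every cookie is assumed to use path `/`.

```javascript
// Minimal model of browser cookie storage and Cookie-header ordering
// (RFC 6265, sections 5.3 and 5.4). All names and values are constructed.
class CookieJar {
  constructor() {
    this.cookies = [];
    this.clock = 0; // stand-in for creation time
  }

  // Store a cookie carrying a Domain attribute. An existing cookie is
  // replaced only when name, domain and path all match.
  set(name, value, domain, path = "/") {
    domain = domain.replace(/^\./, "").toLowerCase();
    const old = this.cookies.find(
      (c) => c.name === name && c.domain === domain && c.path === path);
    if (old) {
      old.value = value; // creation time is kept on replacement
    } else {
      this.cookies.push({ name, value, domain, path, created: this.clock++ });
    }
  }

  // Cookies sent to `host`: domain-match, then longer paths first and
  // earlier creation times first (path matching is not modelled).
  forHost(host) {
    host = host.toLowerCase();
    return this.cookies
      .filter((c) => host === c.domain || host.endsWith("." + c.domain))
      .sort((a, b) => b.path.length - a.path.length || a.created - b.created);
  }

  header(host) {
    return this.forHost(host).map((c) => `${c.name}=${c.value}`).join("; ");
  }
}

// Names that reach `host` more than once: the sign of a leftover cookie.
function duplicateNames(jar, host) {
  const seen = new Map();
  for (const c of jar.forHost(host)) seen.set(c.name, (seen.get(c.name) || 0) + 1);
  return [...seen].filter(([, n]) => n > 1).map(([name]) => name);
}

// Before the change the cookie is scoped to app.example.com; after it, to example.com.
function demoJar() {
  const jar = new CookieJar();
  jar.set("IdToken", "old-session", "app.example.com");
  jar.set("IdToken", "new-session", "example.com");
  return jar;
}

console.log(demoJar().header("app.example.com"));
```

In this model the cookie issued before the change is listed first for `app.example.com`, so a server that reads the first matching name sees the old value until that cookie is deleted or expires.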