Origin servers SHOULD NOT fold multiple Set-Cookie header fields into a single header field. The usual mechanism for folding HTTP headers fields (i.e., as defined in [RFC2616]) might change the semantics of the Set-Cookie header field because the %x2C (",") character is used by Set-Cookie in a way that conflicts with such folding.
AWS has a field called multiValueHeaders for this case:
Quoting RFC 6265:
AWS has a field called multiValueHeaders for this case:
https://stackoverflow.com/questions/39769222/how-can-i-send-multiple-set-cookie-headers-from-api-gateway-using-a-proxied-lamb