How to Configure Persistent Cookie Sessions for End Users Using Postman
Single Sign-On
Administration
Okta Classic Engine
Okta Identity Engine
Overview
Persistent session cookies can be set to maintain users' sessions after they close their current Okta session. However, if a policy update is made from the Okta Administrator dashboard, the persistent cookie value is reset to false, which leads to frequent login prompts. This article provides step-by-step instructions for setting usePersistentCookie to true in the sign-on policy rule for end users using Postman, so that they remain logged in.
Applies To
  • Okta Sign-On Policy
Solution

Install Postman and configure the environment for the Okta org that is being modified. For guidance on how to do so, please check the following document: Instructions for the Installation and Configuration of Postman.



To ensure that end users are not prompted for credentials after the current Okta session is closed, apply this setting to the sign-on policy by following these steps:

  1. Use the API call GET {{url}}/api/v1/policies?type=OKTA_SIGN_ON to retrieve all policies. Copy and save the policyId, as it will be needed for the next API call.

API Call to GET all policies

  2. Use the API call GET {{url}}/api/v1/policies/{{policyId}}/rules to obtain the ruleId associated with the policy. Save the ruleId.

API Call to get the ruleId

  3. Use the API call PUT {{url}}/api/v1/policies/{{policyId}}/rules/{{ruleId}} to update the policy and rule with the necessary settings. Pay particular attention to the values of maxSessionIdleMinutes and maxSessionLifetimeMinutes, since they bound how long the persistent session stays valid. Before making the call, copy and paste the following JSON into the request body and adjust it as required:

    {
      "name": "Sign-On Policy Rule",
      "type": "SIGN_ON",
      "actions": {
        "signon": {
          "access": "ALLOW",
          "requireFactor": false,
          "primaryFactor": "Primary Factor of the Sign-On Policy (that is, PASSWORD_IDP)",
          "rememberDeviceByDefault": false,
          "session": {
            "usePersistentCookie": true,
            "maxSessionIdleMinutes": 100,
            "maxSessionLifetimeMinutes": 100
          }
        }
      }
    }

     


  4. After making the call, a 200 status code will be received.

200 status code
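
The following Python sketch is an added example, not part of the original article or Okta's own code. It builds the PUT body for step 3 from the rule returned in step 2, so that settings not shown in the JSON above (for example the rule's conditions) are sent back unchanged, and it lists rules whose usePersistentCookie is no longer true after a dashboard policy update. The sample rule, the function names and the list of server-managed fields are assumptions made for illustration.

```python
import copy

# Constructed sample of the list returned by
# GET {{url}}/api/v1/policies/{{policyId}}/rules (ids and values are made up).
SAMPLE_RULES = [{
    "id": "0prEXAMPLE1", "name": "Sign-On Policy Rule", "type": "SIGN_ON",
    "created": "2024-01-01T00:00:00.000Z", "lastUpdated": "2024-01-02T00:00:00.000Z",
    "conditions": {"network": {"connection": "ANYWHERE"}},
    "actions": {"signon": {
        "access": "ALLOW", "requireFactor": False, "primaryFactor": "PASSWORD_IDP",
        "rememberDeviceByDefault": False,
        "session": {"usePersistentCookie": False, "maxSessionIdleMinutes": 120,
                    "maxSessionLifetimeMinutes": 0},
    }},
    "_links": {"self": {"href": "https://example.invalid/placeholder"}},
}]

# Assumption: these fields are server-managed and need not be sent back.
SERVER_MANAGED = ("id", "created", "lastUpdated", "_links")


def build_put_body(rule, idle_minutes, lifetime_minutes):
    """Copy the fetched rule and change only its session block."""
    # This example's own sanity check (not an Okta rule): explicit, bounded values.
    if not 0 < idle_minutes <= lifetime_minutes:
        raise ValueError("need 0 < idle_minutes <= lifetime_minutes")
    body = copy.deepcopy(rule)  # never mutate the fetched rule
    for field in SERVER_MANAGED:
        body.pop(field, None)
    body["actions"]["signon"]["session"] = {
        "usePersistentCookie": True,
        "maxSessionIdleMinutes": idle_minutes,
        "maxSessionLifetimeMinutes": lifetime_minutes,
    }
    return body


def rules_without_persistent_cookie(rules):
    """Names of rules whose usePersistentCookie is not true (e.g. after a reset)."""
    drifted = []
    for rule in rules:
        session = rule.get("actions", {}).get("signon", {}).get("session", {})
        if session.get("usePersistentCookie") is not True:
            drifted.append(rule.get("name"))
    return drifted


if __name__ == "__main__":
    print(rules_without_persistent_cookie(SAMPLE_RULES))
```

Send the returned body with the PUT call from step 3, then run the check again on a fresh GET of the rules to confirm the setting was applied.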


 
