Cookie rejected when using OOTB Web Service Connector and API Management

Using IdentityIQ 8.4p2 and OOTB WebService Connector.

We have a working configuration towards a SaaS Application when we call the API directly (aaa.com).

When changing the configuration (Base URL) to connect over an API management System we get a Cookie Rejected error.

2025-11-24T10:50:57,792  WARN https-jsse-nio-443-exec-43 http.client.protocol.ResponseProcessCookies:123 - Cookie rejected [yyy="xxx", version:0, domain:aaa.com, path:/, expiry:null] Illegal 'domain' attribute "aaa.com". Domain of origin: "bbb.com"
2025-11-24T10:50:57,792  WARN https-jsse-nio-443-exec-43 http.client.protocol.ResponseProcessCookies:123 - Cookie rejected [yyy="xxx", version:0, domain:aaa.com, path:/, expiry:Mon Nov 23 23:28:42 CET 2026] Illegal 'domain' attribute "aaa.com". Domain of origin: bbb.com"
2025-11-24T10:50:57,792  WARN https-jsse-nio-443-exec-43 http.client.protocol.ResponseProcessCookies:123 - Cookie rejected [yyy="xxx=", version:0, domain:aaa.com, path:/, expiry:null] Illegal 'domain' attribute "aaa.com". Domain of origin: "bbb.com"

Is there a way to disable the cookie management using the OOTB Web Service connector? Or is there another solution to fix this issue?

– Remold

Hi @Remold, did you try this one:

image931×176 16.8 KB

Have a nice and great one!

Disabling Cookies is not an option, at it will break the session/authentication to to webservices.

We have asked our APIM to to rewrite the domain in the cookies (a bit similar to what I normally do with Nginx).

– Remold

thanks @Remold for replying, and yes, disableCookies is only really useful when the target API doesn’t depend on cookies for auth.