Skip to content

New event for CookieAuthenticationEvents when authentication cookie is renewed/refreshed #63667

New issue
New issue
Open
Feature
Open
New event for CookieAuthenticationEvents when authentication cookie is renewed/refreshed#63667
Feature
Labels
api-needs-workAPI needs work before it is approved, it is NOT ready for implementationarea-authIncludes: Authn, Authz, OAuth, OIDC, Bearer
Milestone
Backlog
@ptffr

Description

@ptffr
ptffr
opened on Sep 13, 2025

Is there an existing issue for this?

  • I have searched the existing issues

Is your feature request related to a problem? Please describe the problem.

I am currently issuing an additional cookie based on the authenticated user when they sign in, but the problem is that I can't reliably know when the authentication cookie is refresh to issue the additional cookie again.

I checked the CookieAuthenticationHandler and seems like the refresh happens in FinishResponseAsync which can be overridden, but doesn't really provide the information when/if the refresh happened. Might be possible to detect it by checking the response Set-Cookie but that way I don't know the AuthenticationProperties of the new cookie.

Describe the solution you'd like

A new event OnRefresh/OnRenew in CookieAuthenticationEvents that is fired with the new principal+properties somewhere after AppendResponseCookie in FinishResponseAsync

Additional context

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    api-needs-workAPI needs work before it is approved, it is NOT ready for implementationarea-authIncludes: Authn, Authz, OAuth, OIDC, Bearer

    Type

    Feature

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions