Running VIP Authentication Hub, how to control the session cookie per application?

From documentation, SSO could be handled programmatically or via cookies (1). The problem comes when one application does not require cookies while others do require it.

How to activate session cookies at service configuration level and have the possibility to deactivate at application level in case one application does not require it?

Upgrade VIP Authentication Hub to 3.3, that will provide control over the session cookie:

1. App metadata urn:iam:app:sessionTokenExpirySecs to control the SSO session expiry (ex: value of "3600" implies the app's session will expire after 1 hour);
2. App metadata urn:iam:app:ignoreSsoSession to control whether SSO session is ignored (ex: value of "true" implies app will not have a session);
3. App metadata urn:iam:app:ssoZone to control the suffix of the SSP cookie name (ex: app-specific cookie name "sspsession_zoneA" vs global cookie name "sspsession").

1. Managing Sessions