chore: add server-side cookie attributes setting limitation callout

aws-amplify · Nov 20, 2024 · f7b8e5c · f7b8e5c
1 parent e6af6e0
commit f7b8e5c
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 2 deletions.
diff --git a/src/pages/[platform]/build-a-backend/server-side-rendering/index.mdx b/src/pages/[platform]/build-a-backend/server-side-rendering/index.mdx
@@ -211,7 +211,11 @@ In this example, if the incoming request is not associated with a valid user ses
 
 <Callout>
 
-**NOTE:** When calling `fetchAuthSession` with a `response` context, it will send the refreshed tokens (if any) back to the client via the `Set-Cookie` header in the response.
+When calling `fetchAuthSession` with a `response` context, it will send the refreshed tokens (if any) back to the client via the `Set-Cookie` header in the response.
+
+**Note:** The Next.js adapter currently doesn't support customization of cookie attributes from the server side, and cookies are always set with [default attribute values](https://github.com/aws-amplify/amplify-js/blob/2447917fb47ff616aca6f5d64f9c635cf738c7e3/packages/aws-amplify/src/adapter-core/storageFactories/createKeyValueStorageFromCookieStorageAdapter.ts#L10-L15).
+
+If you are changing the cookie store on the client side, you may need to manually set the cookie attributes to match the server-side configuration. If you need to customize the cookie attributes, you can use the lower level [`runWithAmplifyServerContext` function](/gen1/[platform]/build-a-backend/server-side-rendering/) instead.
 
 </Callout>
 

diff --git a/src/pages/gen1/[platform]/build-a-backend/server-side-rendering/nextjs/index.mdx b/src/pages/gen1/[platform]/build-a-backend/server-side-rendering/nextjs/index.mdx
@@ -213,7 +213,11 @@ In this example, if the incoming request is not associated with a valid user ses
 
 <Callout>
 
-**NOTE:** When calling `fetchAuthSession` with a `response` context, it will send the refreshed tokens (if any) back to the client via the `Set-Cookie` header in the response.
+When calling `fetchAuthSession` with a `response` context, it will send the refreshed tokens (if any) back to the client via the `Set-Cookie` header in the response.
+
+**Note:** The Next.js adapter currently doesn't support customization of cookie attributes from the server side, and cookies are always set with [default attribute values](https://github.com/aws-amplify/amplify-js/blob/2447917fb47ff616aca6f5d64f9c635cf738c7e3/packages/aws-amplify/src/adapter-core/storageFactories/createKeyValueStorageFromCookieStorageAdapter.ts#L10-L15).
+
+If you are changing the cookie store on the client side, you may need to manually set the cookie attributes to match the server-side configuration. If you need to customize the cookie attributes, you can use the lower level [`runWithAmplifyServerContext` function](/gen1/[platform]/build-a-backend/server-side-rendering/) instead.
 
 </Callout>