Skip to content

Manage Cookies with Express

How to use the `Response.cookie()` method to manipulate your cookies

Use the Response.cookie() method to manipulate your cookies.

Examples:

res.cookie('username', 'Flavio')

This method accepts a third parameter, which contains various options:

res.cookie('username', 'Flavio', { domain: '.flaviocopes.com', path: '/administrator', secure: true })

res.cookie('username', 'Flavio', { expires: new Date(Date.now() + 900000), httpOnly: true })

The most useful parameters you can set are:

ValueDescription
domainThe cookie domain name
expiresSet the cookie expiration date. If missing, or 0, the cookie is a session cookie
httpOnlySet the cookie to be accessible only by the web server. See HttpOnly
maxAgeSet the expiry time relative to the current time, expressed in milliseconds
pathThe cookie path. Defaults to ’/‘
secureMarks the cookie HTTPS only
signedSet the cookie to be signed
sameSiteValue of SameSite

A cookie can be cleared with:

res.clearCookie('username')

→ Here's my latest YouTube video

→ Get my Express.js Handbook

→ I wrote 17 books to help you become a better developer, download them all at $0 cost by joining my newsletter

JOIN MY CODING BOOTCAMP, an amazing cohort course that will be a huge step up in your coding career - covering React, Next.js - next edition February 2025

Bootcamp 2025

Join the waiting list