Cookie Manager
Rostyman automatically manages cookies across requests, with a full cookie manager for viewing and editing stored cookies.
Opening the Cookie Manager
Click the Cookies icon in the sidebar to open the Cookie Manager tab. Cookies are grouped by domain.
Viewing Cookies
The manager displays a table of all stored cookies with:
| Column | Description |
|---|---|
| Name | Cookie name |
| Value | Cookie value |
| Domain | Domain the cookie belongs to |
| Path | URL path scope |
| Expires | Expiration date (or "Session") |
| Secure | Whether the cookie is sent only over HTTPS |
| HttpOnly | Whether the cookie is inaccessible to JavaScript |
Click a domain in the left list to filter cookies for that domain.
Adding Cookies
Click Add Cookie and fill in the fields:
Name: session_id
Value: abc123
Domain: api.example.com
Path: /
Expires: 2025-12-31T23:59:59Z
Secure: true
HttpOnly: false
The cookie will be sent with matching requests automatically.
Editing and Deleting
- Click any cookie row to edit its values inline
- Click the delete icon on a row to remove a single cookie
- Use Clear Domain to remove all cookies for a specific domain
Auto-Send
Cookies are automatically attached to outgoing requests when the request URL matches the cookie's domain and path. No manual configuration needed.
For example, if you have a cookie for api.example.com, every request to https://api.example.com/users will include it in the Cookie header.
Auto-Store
When a response includes Set-Cookie headers, Rostyman automatically parses and stores those cookies. They appear in the Cookie Manager immediately and are sent with subsequent matching requests.
This means login flows work naturally:
- Send a login request → server responds with
Set-Cookie: session=xyz - The cookie is stored automatically
- All subsequent requests to that domain include
Cookie: session=xyz
Cookies Sub-Tab in Request Builder
Each request tab has a Cookies sub-tab that shows cookies matching the current request URL. This lets you see exactly which cookies will be sent without opening the full Cookie Manager.
Tips
- Use the Cookie Manager to debug authentication issues — check if session cookies are being stored and sent correctly
- Manually add cookies when testing APIs that expect specific cookie values
- Clear cookies for a domain to simulate a fresh session