SessionID keeps changing in ASP.NET Core web api

asp.net core session not working
asp.net core session timeout not working
share session between asp.net and asp.net core
asp.net session id changes every request
asp net core sticky sessions
asp net core losing session state
asp net core abandon session
asp net session id not changing

I am using Angular 2 as front end and Asp.net Core Web API as server side.my problem is when i am trying to maintain session in HttpContext.Session ,But for every request the Session Id is Changing and the data has been lost,Know i want to Manage session in server side Is it possible to maintain session in web api if not any other way to maintain session in server side ?


This answer from TanvirArjel worked for me: ASP.NET core 2.1 session

Basically, on the ConfigureServices() method, in the Startup class, when you configure the Cookies Policy, you need to define "options.CheckConsentNeeded" as false, so it doesn't requires the user consent to use cookies (good for development).

Session Id is changed when a request is coming., hi, When a request is coming, every time the session id is different. For example, same web page just refresh it, the session id is different. The Session ID will change on each response until Session is set for the current user. https://docs.​microsoft.com/en-us/aspnet/core/fundamentals/app-state?view=  If your application requires a static session ID for the entire session, you can either implement the Session_Start method in the application’s Global.asax file and store data in the Session object to fix the session ID, or you can use code in another part of your application to explicitly store data in the Session object.


Following the approved answer did not solve my problem. Upon further search, i came across this post which explained the reason and a solution.

ASP.NET session details are dependent on cookies and cross domain requests have a problem with just that. Quoting from the aforementioned post -

XMLHttpRequest from a different domain cannot set cookie values for their own domain unless withCredentials is set to true before making the request

How this was addressed in Angular

Here is the summary of how i solved this in Angular

  1. Create an Angular Interceptor which as the name suggests intercepts the requests before they are sent (across the application)
  2. Clone the request object
  3. Add the withCredentials property with the value true

It should look something similar to this

@Injectable()
export class ConnectInterceptor implements HttpInterceptor {
    intercept(req: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
        const authReq = req.clone({
            headers: req.headers.set("Authorization", "custom-token"),

            withCredentials: true // Importand for consistent session id in ASP.NET
        });
        return next.handle(authReq);
    }
}

Hope this helps

Why SessionID changes in every request in asp.net?, For details, see "Why does the SessionID remain the same after the Session times out?"If the Session_OnStart event is used, ASP.NET will  I am using Angular 2 as front end and Asp.net Core Web API as server side.my problem is when i am trying to maintain session in HttpContext.Session ,But for every request the Session Id is Changing and the data has been lost,Know i want to Manage session in server side Is it possible to maintain session in web api if not any other way to


Or you only need set some value to the session. The Id will stay.

HttpContext.Session.SetString("Something", "Something");

Why isn't my session state working in ASP.NET Core? Session state , In this post I describe why session state appears to not work in ASP. NET Core in Action, Second Edition is available now, and supports . Used to assign a unique identifier (the session ID) to a user. To demonstrate the change in behaviour related to the 2.0 to 2.1 upgrade, I'm going to start by building  I had this same problem in asp.net mvc, I fixed it by putting this method in my base api controller that all my api controllers inherit from: /// <summary> /// Get the session from HttpContext.Current, if that is null try to get it from the Request properties.


Session Id is changing every request in ASP.NET core 2.1 web api , I am working on asp.net core web application. I am not much aware of session state. When i login the application i have got the session id and I have pushed  For more information, see General Data Protection Regulation (GDPR) support in ASP.NET Core. Session state. Session state is an ASP.NET Core scenario for storage of user data while the user browses a web app. Session state uses a store maintained by the app to persist data across requests from a client.


Session in ASP.NET Core, ASP.NET Core maintains session state by providing a cookie to the When a session isn't retained, a new session ID is generated for each new request. However, sticky sessions can affect scalability and complicate web app updates. the last request may override session changes made by the first. You need to keep the same session ID for the same visitor in the same connection. If session ID changes in between page redirection, It will probably break your code especially if you are using session ID to improve ViewState complexity such as the example below: Page.ViewStateUserKey = Session.SessionID; Solution Make sure you don’t create […]


HttpSessionState.SessionID Property (System.Web.SessionState , NET and stored in a non-expiring session cookie in the browser. The SessionID value is then sent in a cookie with each request to the ASP.NET application. The ”New Project” window will pop up. Select .NET Core and select “ASP.NET Core Web Application”. Name your project and click “OK”.