Lambda function URL not returning multiple cookies


I have a Lambda function URL that needs to return multiple cookies. Unlike API Gateway, it would appear that there may be a bug in the Lambda function URL code. I have the following sample code

def lambda_handler(event, context):

    return {
        'statusCode': 200,
        'headers': {
                'Content-Type': 'text/html',
                'Set-Cookie' : [
                    'cookie1=hello; Secure; HttpOnly;',
                    'cookie2=howdy; Secure; HttpOnly;'
        'body': '<html><h1>Hello</h1><p>Lambda rocks!</p></html>'

When executing the URL (eg curl -v 2>&1 | grep "set-cookie") I would expect to see something like

set-cookie: cookie1=hello; Secure; HttpOnly;
set-cookie: cookie2=howdy; Secure; HttpOnly;

Instead, the function URL mangles up the output, and returns something like this

set-cookie: [cookie1=hello; Secure; HttpOnly;, cookie2=howdy; Secure; HttpOnly;]

There is precedent for using multiValueHeaders with Lambda through API gateway (see yet the same functionality does not appear to exist on Lambda Function URLs.

Have you been able to send multiple cookies from a Lambda function through the function URLs, and how were you able to achieve it in your environment?

profile picture
asked a year ago410 views
3 Answers

Use multiValueHeaders instead of headers..

const response = {
        statusCode: 200,
        multiValueHeaders : {"Set-Cookie": [`language=${language}`, `theme=${theme}`]},
        body: JSON.stringify('User profile set successfully')
profile pictureAWS
answered a year ago
  • This approach isn't working for me. It's the correct approach in API Gateway, but the multiValueHeaders key seems to be ignored on Lambda Function URLs.


So multivalueValueHeaders doesnt work as per format 2.0:

Which points you to use "cookies" field:

Which also doesn't work which leaves us with "case iteration":

# python 3
  response = {
        "statusCode": 200,
        "headers": {
            "Set-cookie": "cookie1=1",
            "SEt-cookie": "cookie2=2",
            "SET-cookie": "cookie2=2"

Or library that maybe accomplishes above:

answered 8 months ago

As per the 2.0 format, you can you the cookies attribute:

  "statusCode": 200,
  "body": "<html><div><b>V2</b></div></html>",
  "headers": {
    "Content-Type": "text/html"
  "cookies": [
    "CloudFront-Key-Pair-Id=foo; Path=/",
    "CloudFront-Policy=foo; Path=/",
    "CloudFront-Signature=foo; Path=/"


answered 3 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions