Stateful HTTP tests in JMeter need a place to keep cookies between requests. A login sampler can receive a session cookie, but a later account, cart, or API sampler looks like a new visitor unless JMeter stores that cookie and sends it with matching requests.
The HTTP Cookie Manager stores server-set cookies per virtual user thread, so one user does not inherit another user's session. Place it in the same scope as the HTTP samplers that belong to the browser-like journey, usually under the relevant Thread Group.
Use the GUI to add the manager and keep the normal session behavior explicit before saving the plan. Leave Clear Cookies each Iteration disabled when loop iterations should continue the same browser session, and enable it only when each loop must start as a fresh visitor.
Related: How to add a Cache Manager in JMeter
Related: How to add HTTP headers in JMeter
Steps to add a JMeter HTTP Cookie Manager:
- Open the test plan in the JMeter GUI and select the Thread Group that contains the login and session-dependent HTTP samplers.
- Add the cookie manager under that Thread Group from Thread Group → Add → Config Element → HTTP Cookie Manager.
- Name the element for the session it manages.
- Leave the User-Defined Cookies table empty for normal login cookies.
Server-set cookies are stored automatically. Cookies entered manually in the table reuse one cookie value across every JMeter thread instead of storing one session per virtual user.
- Keep Cookie Policy set to standard unless the target application requires a legacy cookie policy.
- Keep Implementation at the default HC4CookieHandler value.
- Leave Clear Cookies each Iteration disabled when the same virtual user should remain logged in across loop iterations.
Enable this option only when each loop should begin without cookies from the previous loop.
- Save the test plan.
- Run a short non-GUI smoke test against a login flow that sets a cookie and a later request that requires it.
$ jmeter -n -t cookie-manager-demo.jmx -l cookie-manager-results.jtl Creating summariser <summary> Created the tree successfully using cookie-manager-demo.jmx Starting standalone test @ 2026 Jun 29 22:17:13 GMT summary = 2 in 00:00:00 = 24.1/s Avg: 7 Min: 0 Max: 15 Err: 0 (0.00%) Tidying up ... ... end of run
- Check the application log, mock endpoint log, or View Results Tree request data for the later sampler.
$ cat cookie-session-server.log server=listening port=18082 request method=GET path=/login cookie=- request method=GET path=/account cookie=SESSIONID=abc123
The first request has no incoming session cookie. The later request includes SESSIONID=abc123, which confirms that the HTTP Cookie Manager stored the login cookie and sent it to the protected request.
Mohd Shakir Zakaria is a cloud architect with deep roots in software development and open-source advocacy. Certified in AWS, Red Hat, VMware, ITIL, and Linux, he specializes in designing and managing robust cloud and on-premises infrastructures.