Keep people logged in across subdomains in modern Drupal (and set services.yml per environment)

It’s the nature of cookies to not work across domains, but you can make a cookie work for all subdomains of a given domain (,, and

By default, Drupal doesn’t promote that: Someone logging into will not be logged into

Per an unedited sevices.yml:

 # Drupal automatically generates a unique session cookie name based on the
 # full domain name used to access the site. This mechanism is sufficient
 # for most use-cases, including multi-site deployments. However, if it is
 # desired that a session can be reused across different subdomains, the
 # cookie domain needs to be set to the shared base domain. Doing so assures
 # that users remain logged in as they cross between various subdomains.
 # To maximize compatibility and normalize the behavior across user agents,
 # the cookie domain should start with a dot.
 # @default none
 # cookie_domain: ''

So you can make a

 * Enable production-specific services.
$settings['container_yamls'][] = DRUPAL_ROOT . '/sites/default/';

Hat tip to