Our app agent always sets secure cookie over a secure channel. The secure attribute is not always visible in the Headers tab of the developer tool but it does not imply that the cookie is insecure.
To verify if the cookie is secure or not, follow the below steps in chrome:
1. Open the developer tool and access the page instrumented for which backend correlation is enabled.
2. In the developer tool of the browser click on the Application tab.
3. In the Storage section in left navigation pan, browse to cookie section. Select the URL instrumented.
4. It will show all the cookies with various attributes as column. If the secure column is ticked for a cookie that implies the cookie is secure.