diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
index 3b6b7d37899..de6031c1cff 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
@@ -285,7 +285,7 @@ public class SAML2LoginAPIAuthenticatorCmd extends BaseCmd implements APIAuthent
 resp.addCookie(new Cookie("domainid", URLEncoder.encode(loginResponse.getDomainId(), HttpUtils.UTF_8)));
 resp.addCookie(new Cookie("role", URLEncoder.encode(loginResponse.getType(), HttpUtils.UTF_8)));
 resp.addCookie(new Cookie("username", URLEncoder.encode(loginResponse.getUsername(), HttpUtils.UTF_8)));
- resp.addCookie(new Cookie("sessionKey", URLEncoder.encode(loginResponse.getSessionKey(), HttpUtils.UTF_8)));
+ resp.addCookie(new Cookie("sessionkey", URLEncoder.encode(loginResponse.getSessionKey(), HttpUtils.UTF_8)));
 resp.addCookie(new Cookie("account", URLEncoder.encode(loginResponse.getAccount(), HttpUtils.UTF_8)));
 resp.addCookie(new Cookie("timezone", URLEncoder.encode(loginResponse.getTimeZone(), HttpUtils.UTF_8)));
 resp.addCookie(new Cookie("userfullname", URLEncoder.encode(loginResponse.getFirstName() + " " + loginResponse.getLastName(), HttpUtils.UTF_8).replace("+", "%20")));
diff --git a/ui/scripts/cloudStack.js b/ui/scripts/cloudStack.js
index 2adb89c961c..55200b68669 100644
--- a/ui/scripts/cloudStack.js
+++ b/ui/scripts/cloudStack.js
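Review bot: The renamed `sessionkey` cookie in SAML2LoginAPIAuthenticatorCmd.java is still built inline with `new Cookie(...)` and passed straight to `resp.addCookie`, so the one cookie that carries the session key gets no Secure flag and no explicit path. The UI reads this cookie from script, so HttpOnly is not available, but it can be held in a local first, `Cookie sessionKeyCookie = new Cookie("sessionkey", URLEncoder.encode(loginResponse.getSessionKey(), HttpUtils.UTF_8));`, then marked with `sessionKeyCookie.setSecure(true);` when the request arrived over HTTPS and given a `setPath` matching the path the UI deletes it from. Cookie names are case-sensitive, so any other reader or writer of the old `sessionKey` name needs the same rename; that cannot be checked from this hunk. The enclosing method starts and ends outside the hunk.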
@@ -117,14 +117,22 @@
 }
 return cookieValue;
 };
- g_sessionKey = unBoxCookieValue('JSESSIONID');
+ unBoxCookieValue('sessionkey');
+ // if sessionkey cookie exists use this to set g_sessionKey
+ // and destroy sessionkey cookie
+ if ($.cookie('sessionkey')) {
+ g_sessionKey = $.cookie('sessionkey');
+ $.cookie('sessionkey', null);
+ } else {
+ g_sessionKey = unBoxCookieValue('JSESSIONID');
+ }
 g_role = unBoxCookieValue('role');
 g_userid = unBoxCookieValue('userid');
 g_domainid = unBoxCookieValue('domainid');
 g_account = unBoxCookieValue('account');
 g_username = unBoxCookieValue('username');
 g_userfullname = unBoxCookieValue('userfullname');
- g_timezone = unBoxCookieValue('timezone');
+ g_timezone = unBoxCookieValue('timezone');
 } else { //single-sign-on (bypass login screen)
 g_sessionKey = encodeURIComponent(g_loginResponse.sessionkey);
 g_role = g_loginResponse.type;
@@ -322,6 +330,7 @@
 g_loginCmdText = null;
 $.cookie('JSESSIONID', null);
+ $.cookie('sessionkey', null);
 $.cookie('username', null);
 $.cookie('account', null);
 $.cookie('domainid', null);
@@ -345,6 +354,7 @@
 samlLoginAction: function(args) {
 $.cookie('JSESSIONID', null);
+ $.cookie('sessionkey', null);
 $.cookie('username', null);
 $.cookie('account', null);
 $.cookie('domainid', null);
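Review bot: In the first cloudStack.js hunk the bare call `unBoxCookieValue('sessionkey');` discards its return value and the cookie is then read twice more through `$.cookie('sessionkey')`, so the branch relies on a side effect of a helper whose body begins outside the hunk. Reading it once is clearer: `var sessionKeyCookie = unBoxCookieValue('sessionkey');` followed by `if (sessionKeyCookie) { g_sessionKey = sessionKeyCookie; $.cookie('sessionkey', null); }`. The delete `$.cookie('sessionkey', null)` passes no path, here and in the second and third hunks (the latter inside `samlLoginAction`), so it presumably only clears a cookie scoped to the page's default path. If the server issues the cookie under a different path, the session key stays in the cookie jar after the code believes it is gone, so the path should be stated explicitly on both the set and the delete side. The added comment could also say why the key is moved out of the cookie right after login, for example `// keep the session key in memory only; the cookie is just the hand-off from the SAML redirect`, if that is the intent.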