diff --git a/.schemas/config.schema.json b/.schemas/config.schema.json
index dbad4be5ac..f2815c1607 100644
--- a/.schemas/config.schema.json
+++ b/.schemas/config.schema.json
@@ -481,7 +481,7 @@
 "header": {
 "title": "Header",
 "type": "string",
- "description": "The header (case insensitive) that must contain a token for request authentication.\n It can't be set along with query_parameter."
+ "description": "The header (case insensitive) that must contain a token for request authentication.\n It can't be set along with query_parameter or cookie."
 }
 }
 },
@@ -493,7 +493,19 @@
 "query_parameter": {
 "title": "Query Parameter",
 "type": "string",
- "description": "The query parameter (case sensitive) that must contain a token for request authentication.\n It can't be set along with header."
+ "description": "The query parameter (case sensitive) that must contain a token for request authentication.\n It can't be set along with header or cookie."
+ }
+ }
+ },
+ {
+ "required": [
+ "cookie"
+ ],
+ "properties": {
+ "cookie": {
+ "title": "Cookie",
+ "type": "string",
+ "description": "The cookie (case sensitive) that must contain a token for request authentication.\n It can't be set along with header or query_parameter."
 }
 }
 }
@@ -1242,4 +1254,4 @@
 },
 "required": [],
 "additionalProperties": false
-}
\ No newline at end of file
+}
diff --git a/helper/bearer.go b/helper/bearer.go
index 4aac2c9fc8..e49a6311bd 100644
--- a/helper/bearer.go
+++ b/helper/bearer.go
@@ -32,6 +32,7 @@ const (
 type BearerTokenLocation struct {
 Header *string `json:"header"`
 QueryParameter *string `json:"query_parameter"`
+ Cookie *string `json:"cookie"`
 }

 func BearerTokenFromRequest(r *http.Request, tokenLocation *BearerTokenLocation) string {
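Review bot: The new `Cookie` field in `BearerTokenLocation`, like `Header` and `QueryParameter` beside it, carries no comment, and nothing on the struct says the three locations are mutually exclusive. The schema descriptions in this commit say they cannot be combined, but the selection chain in the `@@ -40,6 +41,12 @@` hunk takes the first non-nil field, so a value built in code with both `Header` and `Cookie` set would silently ignore the cookie. I would add a type comment such as `// BearerTokenLocation names where the token is read from; set at most one field (first non-nil of Header, QueryParameter, Cookie wins).` and a field comment `// Cookie is the case-sensitive name of the cookie carrying the token.`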
@@ -40,6 +41,12 @@ func BearerTokenFromRequest(r *http.Request, tokenLocation *BearerTokenLocation)
 return r.Header.Get(*tokenLocation.Header)
 } else if tokenLocation.QueryParameter != nil {
 return r.FormValue(*tokenLocation.QueryParameter)
+ } else if tokenLocation.Cookie != nil {
+ cookie, err := r.Cookie(*tokenLocation.Cookie)
+ if err != nil {
+ return ""
+ }
+ return cookie.Value
 }
 }
 token := r.Header.Get(defaultAuthorizationHeader)
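Review bot: Reading the token from a cookie in the new `tokenLocation.Cookie` branch changes the credential's threat model, and nothing in the code records that. A browser attaches cookies to requests automatically, which is not the case for the header location, so a deployment that selects this location takes on CSRF exposure unless the cookie is issued with `SameSite` or the protected service checks the request origin. `r.Cookie` also returns only one cookie when several share the name, so the value that gets validated depends on the order in the request. I would state both above the branch, e.g. `// Cookie tokens are ambient credentials: pair with SameSite/CSRF controls; r.Cookie returns a single match if the name repeats.` The enclosing BearerTokenFromRequest starts before this hunk and continues past it.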