diff --git a/README.md b/README.md
index 4336019..b6c82c3 100644
--- a/README.md
+++ b/README.md
@@ -170,6 +170,7 @@ All settings are configured through environment variables.
 * `SESSION_COOKIE_SECURE`: Set SECURE flag of the session cookie (see [MDN](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie))
 * `SESSION_COOKIE_HTTP_ONLY`: Set HTTP_ONLY flag of the session cookie (see [MDN](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie)), on by default.
 * `SESSION_COOKIE_SAME_SITE`: Set SAME_SITE flag of the session cookie (see [MDN](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie)), "Lax" by default unless `DEFAULT_ACCESS_CONTROL_ALLOW_ORIGIN_HEADER` is "*" then "None" by default. This means the cookie is available only on your site unless you've also set the CORS header.
+* `SESSION_COOKIE_MAX_AGE`: Set the number of seconds until the cookie expires. By default this is not set and the cookie is a [session cookie](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#expiresdate).
 * `IDLE_TIMEOUT`: the amount of time (in ms) that idle requests will be kept open (see [`idle_timeout` in the Cowboy docs](https://ninenines.eu/docs/en/cowboy/2.5/manual/cowboy_http/))
 * `OVERRIDE_VARY_HEADER`: EXPERIMENTAL When set, the [`Vary` header](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Vary) is overriden with the specified variable, regardless of what the backend provides.
diff --git a/config/config.exs b/config/config.exs
index 93e1d13..594a728 100644
--- a/config/config.exs
+++ b/config/config.exs
@@ -49,6 +49,7 @@ config :mu_identifier,
 default_access_control_allow_origin_header: System.get_env("DEFAULT_ACCESS_CONTROL_ALLOW_ORIGIN_HEADER"),
 default_mu_auth_allowed_groups_header: System.get_env("DEFAULT_MU_AUTH_ALLOWED_GROUPS_HEADER"),
+ session_cookie_max_age: System.get_env("SESSION_COOKIE_MAX_AGE"),
 session_cookie_secure: CH.system_boolean("SESSION_COOKIE_SECURE", false),
 session_cookie_http_only: CH.system_boolean("SESSION_COOKIE_HTTP_ONLY", true),
 session_cookie_same_site: CH.calculate_same_site(),
diff --git a/lib/proxy.ex b/lib/proxy.ex
index 27f7581..ef4ee52 100644
--- a/lib/proxy.ex
+++ b/lib/proxy.ex
@@ -63,11 +63,18 @@ defmodule Proxy do
 end
 def opts_from_environment do
- [
+ base_opts = [
 secure: Application.get_env(:mu_identifier, :session_cookie_secure),
 http_only: Application.get_env(:mu_identifier, :session_cookie_http_only),
 same_site: Application.get_env(:mu_identifier, :session_cookie_same_site)
 ]
+
+ max_age = Application.get_env(:mu_identifier, :session_cookie_max_age)
+
+ case max_age do
+ nil -> base_opts
+ age -> base_opts ++ [max_age: String.to_integer(age)]
+ end
 end
end
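Review bot: The new `session_cookie_max_age` key stores the raw environment string, whereas the sibling settings on the surrounding lines are normalized at config time through `CH.system_boolean`; the conversion is deferred to `Proxy.opts_from_environment/0` in lib/proxy.ex, where it runs on every call. A malformed or blank value (`SESSION_COOKIE_MAX_AGE=` exported but empty yields `""`, not `nil`) therefore surfaces only when that function is invoked, not when the configuration is loaded. Converting and validating here, the way the boolean settings are, would make a misconfigured cookie lifetime fail at startup with a clear message; the validation itself is discussed on the lib/proxy.ex hunk.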
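Review bot: `String.to_integer(age)` in the new `age ->` clause raises `ArgumentError` for anything other than a plain decimal string, so a value such as `"3600s"`, `" 3600"` or an exported-but-empty `SESSION_COOKIE_MAX_AGE` (which is `""`, not `nil`, and so skips the `nil ->` clause) becomes a crash on every call of `opts_from_environment/0` rather than a configuration error. Negative values are also accepted and passed straight through as `max_age:`, and a zero or negative Max-Age is generally treated by browsers as an instruction to discard the cookie, which would silently log users out; the hunk does not show which cookie API consumes these opts, so confirm how it handles `max_age: 0`. I would parse with `Integer.parse/1`, require the whole string to be consumed and the result to be positive, and raise a message naming the variable otherwise; `opts_from_environment/0` is complete within the hunk.
```elixir
def opts_from_environment do
  # … unchanged: base_opts list …

  case Application.get_env(:mu_identifier, :session_cookie_max_age) do
    nil ->
      base_opts

    age ->
      # Accept only a whole, positive decimal string; anything else is a misconfiguration.
      case Integer.parse(String.trim(age)) do
        {seconds, ""} when seconds > 0 ->
          base_opts ++ [max_age: seconds]

        _ ->
          raise ArgumentError,
                "SESSION_COOKIE_MAX_AGE must be a positive integer number of seconds, got: #{inspect(age)}"
      end
  end
end
```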