diff --git a/README.md b/README.md
index c23484d..7c93bbc 100644
--- a/README.md
+++ b/README.md
@@ -427,12 +427,47 @@ server {
     auth_request_set $auth_cookie $upstream_http_set_cookie;
     add_header Set-Cookie $auth_cookie;
 
+    # When using the --set-authorization flag, some provider's cookies can exceed the 4kb 
+    # limit and so the OAuth2 Proxy splits these into multiple parts. 
+    # Nginx normally only copies the first `Set-Cookie` header from the auth_request to the response,
+    # so if your cookies are larger than 4kb, you will need to extract additional cookies manually.
+    auth_request_set $auth_cookie_name_upstream_1 $upstream_cookie_auth_cookie_name_1;
+      
+    # Extract the Cookie attributes from the first Set-Cookie header and append them
+    # to the second part ($upstream_cookie_* variables only contain the raw cookie content)
+    if ($auth_cookie ~* "(; .*)") {
+        set $auth_cookie_name_0 $auth_cookie; 
+        set $auth_cookie_name_1 "auth_cookie_name_1=$auth_cookie_name_upstream_1$1";
+    }
+    
+    # Send both Set-Cookie headers now if there was a second part
+    if ($auth_cookie_name_upstream_1) {
+        add_header Set-Cookie $auth_cookie_name_0;
+        add_header Set-Cookie $auth_cookie_name_1;
+    }
+
     proxy_pass http://backend/;
     # or "root /path/to/site;" or "fastcgi_pass ..." etc
   }
 }
 ```
 
+If you use ingress-nginx in Kubernetes (which includes the Lua module), you also can use the following configuration snippet for your Ingress:
+
+```yaml
+nginx.ingress.kubernetes.io/auth-response-headers: Authorization
+nginx.ingress.kubernetes.io/auth-signin: https://$host/oauth2/start?rd=$request_uri
+nginx.ingress.kubernetes.io/auth-url: https://$host/oauth2/auth
+nginx.ingress.kubernetes.io/configuration-snippet: |
+  auth_request_set $name_upstream_1 $upstream_cookie_name_1;
+
+  access_by_lua_block {
+    if ngx.var.name_upstream_1 ~= "" then
+      ngx.header["Set-Cookie"] = "name_1=" .. ngx.var.name_upstream_1 .. ngx.var.auth_cookie:match("(; .*)")
+    end
+  }
+```
+
 ## Contributing
 
 Please see our [Contributing](CONTRIBUTING.md) guidelines.
diff --git a/oauthproxy.go b/oauthproxy.go
index 83e6177..ab70686 100644
--- a/oauthproxy.go
+++ b/oauthproxy.go
@@ -331,7 +331,7 @@ func splitCookie(c *http.Cookie) []*http.Cookie {
 	count := 0
 	for len(valueBytes) > 0 {
 		new := copyCookie(c)
-		new.Name = fmt.Sprintf("%s-%d", c.Name, count)
+		new.Name = fmt.Sprintf("%s_%d", c.Name, count)
 		count++
 		if len(valueBytes) < maxCookieLength {
 			new.Value = string(valueBytes)
@@ -359,7 +359,7 @@ func joinCookies(cookies []*http.Cookie) (*http.Cookie, error) {
 	for i := 1; i < len(cookies); i++ {
 		c.Value += cookies[i].Value
 	}
-	c.Name = strings.TrimRight(c.Name, "-0")
+	c.Name = strings.TrimRight(c.Name, "_0")
 	return c, nil
 }
 
@@ -376,7 +376,7 @@ func loadCookie(req *http.Request, cookieName string) (*http.Cookie, error) {
 	count := 0
 	for err == nil {
 		var c *http.Cookie
-		c, err = req.Cookie(fmt.Sprintf("%s-%d", cookieName, count))
+		c, err = req.Cookie(fmt.Sprintf("%s_%d", cookieName, count))
 		if err == nil {
 			cookies = append(cookies, c)
 			count++