diff --git a/apps/emqx_auth_http/etc/emqx_auth_http.conf b/apps/emqx_auth_http/etc/emqx_auth_http.conf
index 56f76cf39..0df589169 100644
--- a/apps/emqx_auth_http/etc/emqx_auth_http.conf
+++ b/apps/emqx_auth_http/etc/emqx_auth_http.conf
@@ -28,7 +28,6 @@ auth.http.auth_req.content_type = x-www-form-urlencoded
 ##  - %p: sockport of server accepted
 ##  - %C: common name of client TLS cert
 ##  - %d: subject of client TLS cert
-##  - %k: websocket cookie
 ##
 ## Value: Params
 auth.http.auth_req.params = clientid=%c,username=%u,password=%P
@@ -59,7 +58,6 @@ auth.http.auth_req.params = clientid=%c,username=%u,password=%P
 ##  - %p: sockport of server accepted
 ##  - %C: common name of client TLS cert
 ##  - %d: subject of client TLS cert
-##  - %k: websocket cookie
 ##
 ## Value: Params
 #auth.http.super_req.params = clientid=%c,username=%u
@@ -89,7 +87,6 @@ auth.http.acl_req.content_type = x-www-form-urlencoded
 ##  - %r: protocol
 ##  - %m: mountpoint
 ##  - %t: topic
-##  - %k: websocket cookie
 ##
 ## Value: Params
 auth.http.acl_req.params = access=%A,username=%u,clientid=%c,ipaddr=%a,topic=%t,mountpoint=%m
diff --git a/apps/emqx_auth_http/src/emqx_auth_http_cli.erl b/apps/emqx_auth_http/src/emqx_auth_http_cli.erl
index 32edd6190..c56e45d49 100644
--- a/apps/emqx_auth_http/src/emqx_auth_http_cli.erl
+++ b/apps/emqx_auth_http/src/emqx_auth_http_cli.erl
@@ -80,7 +80,6 @@ feedvar(Params, ClientInfo = #{clientid := ClientId,
                  ({Param, "%A"}) -> {Param, maps:get(access, ClientInfo, null)};
                  ({Param, "%t"}) -> {Param, maps:get(topic, ClientInfo, null)};
                  ({Param, "%m"}) -> {Param, maps:get(mountpoint, ClientInfo, null)};
-                 ({Param, "%k"}) -> {Param, emqx_json:encode(maps:get(ws_cookie, ClientInfo, null))};
                  ({Param, Var})  -> {Param, Var}
               end, Params).
 
diff --git a/apps/emqx_auth_http/test/emqx_auth_http_SUITE.erl b/apps/emqx_auth_http/test/emqx_auth_http_SUITE.erl
index fc716f5ae..f9acdc638 100644
--- a/apps/emqx_auth_http/test/emqx_auth_http_SUITE.erl
+++ b/apps/emqx_auth_http/test/emqx_auth_http_SUITE.erl
@@ -171,10 +171,3 @@ t_comment_config(_) ->
     ?assertEqual(AuthCount - 1, length(emqx_hooks:lookup('client.authenticate'))),
     ?assertEqual(AclCount - 1, length(emqx_hooks:lookup('client.check_acl'))).
 
-t_feedvar(_) ->
-    Params = [{"cookie", "%k"}],
-    User0 = ?USER(<<"client1">>, <<"testuser">>, mqtt, {127,0,0,1}, external),
-    ?assertEqual([{"cookie", <<"null">>}], emqx_auth_http_cli:feedvar(Params, User0)),
-
-    User1 = User0#{ws_cookie => [{<<"k">>, <<"v">>}]},
-    ?assertEqual([{"cookie", <<"{\"k\":\"v\"}">>}], emqx_auth_http_cli:feedvar(Params, User1)).
diff --git a/src/emqx_types.erl b/src/emqx_types.erl
index c54832b85..b92d457b8 100644
--- a/src/emqx_types.erl
+++ b/src/emqx_types.erl
@@ -136,7 +136,7 @@
                         is_bridge    := boolean(),
                         is_superuser := boolean(),
                         mountpoint   := maybe(binary()),
-                        ws_cookie    => wscookie(),
+                        ws_cookie    => maybe(list()),
                         password     => maybe(binary()),
                         auth_result  => auth_result(),
                         anonymous    => boolean(),
@@ -150,7 +150,6 @@
 -type(peerhost() :: inet:ip_address()).
 -type(peername() :: {inet:ip_address(), inet:port_number()}
                   | inet:returned_non_ip_address()).
--type(wscookie() :: [{binary(), binary()}]).
 -type(protocol() :: mqtt | 'mqtt-sn' | coap | lwm2m | stomp | none | atom()).
 -type(auth_result() :: success
                      | client_identifier_not_valid