@dmorrow We investigated AP.cookie features but unfortunately it is not looking as a feasible solution for us. It is backed by a single cookie for all apps so it could be easily overflowed (a cookie max size should be considered equal to 4093 bytes). The max numbers of cookie is limited by 50 per a domain so we understand the reason why you are sharing a single cookie between all third-party apps.
Could you consider to add something like AP.localStorage? Using it should resolve all mentioned issues.