Cookies used by Sitecore
Version:
Sitecore Experience Platform issues cookies to website visitors and client users. The following tables describe the purpose of each cookie and link to configuration options where applicable.
Note
For a list of the cookies used by the Sitecore Content Hub, see Cookie usage.
Sitecore visitor cookies
Sitecore visitor cookies
The following cookies can be issued to website visitors:
| Cookie name | Description | Configuration options |
|---|---|---|
sxa_site | Functional cookie. Stores the name of the context site. Used by the Sitecore Experience Accelerator for wireframe images. Sample value: docsite | |
privacy-notification | Used by the Sitecore Experience Accelerator only. Expiry is set to 1 year. Used by SXA privacy component. Note The privacy component only sets a cookie - it does not disable tracking or any other forms of processing if consent is revoked. | |
sc_test_combination | Used by the Experience Optimization feature to store information about the test variant used on the current page. | |
SC_ANALYTICS_GLOBAL_COOKIE | Sitecore's analytics cookie. Stores an ID (issued by Sitecore) that represents the device and a true/false value indicating whether visitor classification was guessed (robot or not robot). Used by the tracker to identify a returning contact. Only issued if tracking is enabled. Sample value: 26c532a61c5247719cc8b68b0c41f7e4|FalseNote Customization is required to | Configure cookie lifetime |
SC_TRACKING_CONSENT | Sitecore's tracking consent cookie. | Enable or disable web tracking based on visitor consent |
ASP.NET_SessionId | The default ASP.NET session ID cookie. | Configured on the sessionState element in web.config. |
__RequestVerificationToken | The default ASP.NET anti-XSRF cookie. | |
{website}#lang | Stores context language of the current site. Sample value: docsite#en | |
IsRedirectedFrom404 | This cookie is used exclusively by the Sitecore Experience Accelerator (SXA). It is set when a user is redirected to the "Page Not Found" link configured in SXA sites through Generate a custom static error page. |
Sitecore client user cookies
Sitecore client user cookies
The following cookies are issued to users of the Sitecore client interfaces (for example, the Experience Editor):
| Cookie name | Description |
|---|---|
.aspnet.cookies | Authentication cookie. Set for Sitecore client users if you use Sitecore.Owin.Authentication. |
.aspnet.cookies.preview | Authentication cookie. Set for Sitecore client users in Preview mode if you use Sitecore.Owin.Authentication. |
sc_rotated_simulator_id | Used by device preview mode. |
sc_simulator_id | Used by device preview mode. |
sc_date | Used by Experience Editor for previewing and setting date and time in Editor Mode. |
sc_pview_shuser | Preview Shell User Cookie used when accessing the shell site during preview. |
sc_rte_shuser | RTE Shell User Cookie used to set up Editor. |
scContentEditorFolders | State of the “Content tree” option (check box), located on the ribbon of Content Editor. |
scContentEditorFoldersWidth | Width of the content tree panel in the Content Editor. Appears after resizing by a user. |
lang | Usually refers to Sitecore item’s language or Sitecore client language. |
fileDownloadToken{...} | Used for the file upload/download interface. For internal use only. |
messageLanguage | Preserves the selected language for a message. For internal use only. |
{website}#lang | Sitecore’s client language. |
{website}#sc_mode | Used by Experience Editor to indicate Edit, Preview, or Normal mode. |
{website}#sc_date | Used by Experience Editor to set or get the value from the Date or DateTime field. |
{website}#sc_debug | Used by Experience Editor to indicate Debug mode. |
{website}#sc_prof | Used by Experience Editor to enable or disable profiling. |
{website}#sc_rb | Used by Experience Editor to enable or disable borders. |
{website}#sc_ri | Used by Experience Editor to enable or disable Sitecore Information. |
{website}#sc_trace | Used by Experience Editor to enable or disable Sitecore Trace. |
.ASPXAUTH | Default authentication cookie if you do not use Sitecore.Owin.Authentication. |
sitecore_userticket | Sitecore license assumes a limited number of concurrent users (tickets). Sitecore keeps track of every user logged in to the system and assigns a Sitecore user ticket to each. |
sitecore_starturl | Start page URL for the Shell site. |
__CSRFCOOKIE | Protection against cross-site request forgery (CSRF) attacks. |
sc_fv | Shockwave Flash version. |
sc_last_page_mode_command | Used by Experience Editor to indicate last page mode. |
experienceeditor_deviceId | Used by Experience Editor. Cookie for Device ID |
sitecore_floatie_state | Position preferences of the Floatie form. |
utcOffset | For internal use only. |
If you have suggestions for improving this article, let us know!