Reference: Sitefinity CMS cookies

The following table lists cookies that Sitefinity CMS uses.

Cookie Description  Expires 
sf-trckngckie 
Logs the page visit. 180 days
sf-tracking-consent Saves the tracking consent choice, made by visitors.  9999 days 
sf-site 
In multisite environment, remembers the ID of the current site.  2 years 
ASP.NET_SessionId 
Contains information about the browser session and enables visitors to log into the website.  Session 
.ASPXAUTH Determines whether a user is authenticated.   
.SFAUTH (configurable)  Used for authentication tickets caching.  600 minutes by default (configurable) 
.SFROLES (configurable)  Used to cache user roles.  30 minutes by default (configurable) 
.SFLOG (configurable)  Used to pass the reason to login form and to display the reason.   
.AspNet.Cookies
The relying party cookie (claims authentication mode) that is used to cache authentication information. You can configure it in the AuthenticationConfig. Expiration depends on the Remember me checkbox.
Sliding, 600 minutes or session (configurable) 
.AspNet.Temp.Cookies Helper relying party cookie during authentication.
5 minutes
SF-TokenId 
Handles the claims token (claims authentication mode). Could be configured in the SecurityConfig file.
118 minutes by default (configurable) 
sf_timezoneoffset  Stores the value of the UTC time zone offset for the particular user, that is, the timezone difference between UTC and the user's local time, in minutes. This cookie is stored only for logged in users.  Session 
sfExpPages_ + rootNodeKey  Saves the key of the node expanded in the backend.  1 year 
shoppingCartId 
Holds the ID of the customer's shopping cart.  6 months 
selectedDisplayCurrency 
Holds the display currency selected by the customer.  Session 
_mkto_trk 
Used to get the Munchkin token - only for Marketo connector.   
VisitorsCounterUniqueId 
Used for counting web visits as a unique parameter.  Persistent
sf-abissuesckie 
Used in the issues grid of email campaigns A/B test.  2 years 
sf-issuesckie 
Used in the issues grid of email campaigns.  2 years 
cartOrderId 
Used to cache current cart order ID - only if configured.   
idsrv
IdentityServer3 cookie used to cache information about the current user. Expiration depends on Remember me checkbox. Configuration in AuthenticationConfig.
30 days or session (configurable)
OpenIdConnect.nonce
Used to validate the identity token received from the Identity Provider (IdenityServer). It is a session cookie, but the information contained expires in 1 hour
Session

sf_abtest

Once you start an A/B test, this cookie stores the IDs of the page variations, already visited by contacts.

30 years

Was this article helpful?