Scrivito’s Cookie Usage

In this overview, we will name and give a short description of the cookies our services use. The services covered here are:

A Scrivito web application as seen by website visitors does not use cookies unless visitor authentication has been enabled, or third-party services requiring cookies have been included in the app.

Backend

Domain Cookie name Purpose
customer domain oin OpenID Connect session cookie (nonce) set during OAuth login of an editor.

uid Scrivito User ID set after editor login. Required throughout the Browser session.

us Cookie shared between the backend and the dashboard for identifying users logged into the dashboard.

Third-party cookies: —

Dashboard

Domain Cookie name Purpose
my.scrivito.com us Shared cookie, see above. 

cu Currently logged-in User, shared with the Scrivito UI: Contact ID, ID, email, realname

_scrivito_dashboard_session Session cookie 

Third-party cookies: Stripe, Intercom

Scrivito UI

Domain Cookie name Purpose
customer domain cu Currently logged-in user, originating from the dashboard, see above.

us User secret: Contact ID, secret

scrivito_editing_context UI context, e.g.: Current working copy, editing mode

Third-party cookies: —

scrivito.com

Third-party cookies: For the third-party services we use on scrivito.com, see our privacy policy.