Can someone explain what these cookies are for?
We are using Classic Engine so I thought sid is the session cookie?
What are the other two used for?
You’re right, the sid is the Okta session cookie and you use it to authorize calls to the /api/v1/sessions/me and [/api/v1/users/me](https://Used to determine if the user needs to re-authenticate) endpoints, and just generally to verify that the user has an existing Okta session.
Our cookie policy has details about the other two cookies.
- JSESSIONID: Used for managing a user’s session management
- srefresh: Used to determine if the user needs to re-authenticate
This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.