Cookie Specifications
The FintechOS Platform uses the following cookies:
Server-Side Encrypted Cookies
These are security cookies used for client-server authentication.
| Cookie | Description | Expiry |
|---|---|---|
| .EBSCORE$1 | Authentication cookie. | Session |
| .EBSCORE$1-CSRFToken | CSRF prevention token cookie. | Session |
| .EBSCORE$1_PartialToken | Used for authentication. | Session |
| IdToken | Identity token generated by the identity provider for the current user. | Session |
| AccessToken | Access token generated by the identity provider for the current user for accessing the platform resources. | IDP configurable (Access Token Lifespan) |
| RefreshToken | Session token generated by the identity provider for the current user session. | IDP configurable (SSO Session Idle) |
| RefreshExpTicks | Session token time-to-live expressed in ticks. | IDP configurable (SSO Session Idle) |
Client-Side Cookies
These are client-side generated cookies that store a transient state. Prior to release 24.1.1, they were saved unencrypted in the Document Object Model cookies object. Starting with release 24.1.1, they have been migrated and are now either sent via request headers or stored in local storage, enforcing secure sessions for user data.
| Cookie | Description | Expiry |
|---|---|---|
| .EBSCORE$1-CorrelationId | Browser session specific cookie used for logging. | Session |
| .EBSCORE$1-culture | Current language. Preserves language settings between user sessions. | 365 days |
| .EBSCORE$1-ShowTooltipsOnForms | Show/hide tooltips in FintechOS Portal forms. | 100 days |
| .EBSCORE$1-palette | Color palette settings for FintechOS Portal. | 100 days |
| .EBSCORE$1-theme | Theme settings for FintechOS Portal. | 100 days |