Cookies and their purpose

Shivani Lakshman
15:16 Aug 11, 2020

Hello team,

Could you pleas explain the purpose of the following cookies that we get upon authentication?

BPMLOADER

.ASPXAUTH

BPMSESSIONID

 

Thanks in advance!

 

Like 0

Like

1 comments
Oleg Drobina
16:34 Aug 11, 2020

Hello Shivani,

 

BPMSESSIONID is a session cookie that is created in the RedisSessionStateStoreProvider. Its expiration time can be modified using the UserSessionTimeout system setting. It is not being generated when calling anonymous web-services and for all requests without session cookie a new session is generated (a separate record in SysUserSession table is created).

 

.ASPXAUTH cookie is generated in the AuthEngine and is also a session cookie. Its expiration date is modified using the UserSessionTimeout system setting as well.

 

BPMLOADER cookie is also a session cookie.

 

All these three cookies are required for sending all the requests in the app when working with it as described here https://academy.creatio.com/documents/technic-sdk/7-16/executing-odata-queries-using-fiddler.

 

Best regards,

Oscar

Show all comments