Okta Personal Cookie Policy
What are cookies?
Cookies are small text files placed on your computer by sites that you have visited. They are used to make websites work, or work more effectively and efficiently by remembering information about you, such as your language preference or login information.
Why and where we use them?
On this page, we provide a list of all the cookies and services that may set cookies on your device along with their purpose. Some cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting.
You can manage your cookie preferences on the Okta Personal settings page.
Strictly Necessary Cookies
These cookies are necessary for the website to function and cannot be switched off. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, signing in or filling in forms.. You can set your browser to block or alert you about these cookies, but some parts of the site will not work. These cookies do not store any personally identifiable information.
| Site | Cookie | Purpose | Cookies used |
|---|---|---|---|
| personal.okta.com | okta-oauth-state | Used to store authentication state | First Party |
| personal.okta.com | okta-oauth-redirect-params | Used to store authentication state | First Party |
| personal.okta.com | okta-oauth-nonce | Used to store a number for identification that is only used once to maintain authentication state | First Party |
| personal.okta.com | JSESSIONID | Used for managing a user's session management | First Party |
| personal.okta.com | t | Used to store the color scheme used by the user interface | First Party |
| personal.okta.com | autolaunch_triggered | Used to store whether autolaunch is enabled | First Party |
| personal.okta.com | enduser_version | Used to determine the version of Okta to use | First Party |
| personal.okta.com | srefresh | Used to determine if the user needs to re-authenticate | First Party |
| personal.okta.com | DT | Used to device fingerprint for MFA | First Party |
| personal.okta.com | idx | Used to store Identity Engine session | First Party |
| personal.okta.com | okta_user_lang | Used to determine the user's preferred display language | First Party |
| id.okta.com | auth0_compat | Fallback cookie for SSO on browsers that don’t support sameSite=None | First Party |
| id.okta.com | __cf_bm | Cloudflare cookie to prevent bots | First Party |
| id.okta.com | auth0 | Used to implement the Auth0 session | First Party |
| id.okta.com | did_compat | Fallback cookie for anomaly detection on browsers that don’t support sameSite=None | First Party |
| id.okta.com | did | Used for device identification to protect against attacks | First Party |
| id.okta.com | auth0-mf_compat | Fallback cookie for MFA on browsers that don’t support sameSite=None | First Party |
| id.okta.com | auth0-mf | Used to establish the trust level for a given device | First Party |
Performance Cookies
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
| Site | Cookie | Purpose | Cookies used |
|---|---|---|---|
| pendo.io | * | Set by Pendo for product analytics | Third Party |
| amplitude | AMP_* | Set by Amplitude for product analytics | Third Party |
Okta Personal Mobile SDKs
We also use the Amplitude and Pendo Mobile SDKs for product analytics on our mobile applications and Instabug to improve app performance and bug reporting.