You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: src/content/docs/cloudflare-one/identity/authorization-cookie/index.mdx
+8-8Lines changed: 8 additions & 8 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -32,14 +32,14 @@ If the Access application has more than five domains, Access will not preemptive
32
32
33
33
The following Access cookies are essential to Access functionality. Cookies that are marked as required cannot be opted out of. The following cookies are not used for tracking or analytics.
|[CF_Authorization](/cloudflare-one/identity/authorization-cookie/#access-jwts) (team domain) |[JSON web token (JWT)](https://www.cloudflare.com/learning/access-management/token-based-authentication/) set on the `cloudflareaccess.com`[team domain](/cloudflare-one/faq/getting-started-faq/#what-is-a-team-domainteam-name) that contains the user's identity and enables Access to perform single sign-on (SSO) | If set, adheres to [global session duration](/cloudflare-one/identity/users/session-management/#global-session-duration).<br/><br/>If not, adheres to [application session duration](/cloudflare-one/identity/users/session-management/#application-session-duration).<br/><br/>If neither are set, defaults to 24 hours. | Yes | None | Required |
38
-
|[CF_Authorization](/cloudflare-one/identity/authorization-cookie/#access-jwts) (Access application domain) |[JSON web token (JWT)](https://www.cloudflare.com/learning/access-management/token-based-authentication/) set on the domain protected by Access that allows Access to confirm that the user has been authenticated and is authorized to reach the origin | If set, adheres to [policy session duration](/cloudflare-one/identity/users/session-management/#policy-session-duration).<br/><br/>If not, adheres to [application session duration](/cloudflare-one/identity/users/session-management/#application-session-duration).<br/><br/>If neither are set, defaults to 24 hours. | Admin choice (Default: None) | Admin choice (Default: None) | Required |
39
-
| CF_Binding | Refer to [Binding cookie](/cloudflare-one/identity/authorization-cookie/#binding-cookie)| If set, adheres to [policy session duration](/cloudflare-one/identity/users/session-management/#policy-session-duration).<br/><br/>If not, adheres to [application session duration](/cloudflare-one/identity/users/session-management/#application-session-duration).<br/><br/>If neither are set, defaults to 24 hours. | Yes | None | Optional |
40
-
| CF_Session |[CSRF](https://www.cloudflare.com/learning/security/threats/cross-site-request-forgery/) token used on the `cloudflareaccess.com`[team domain](/cloudflare-one/faq/getting-started-faq/#what-is-a-team-domainteam-name)| 4 hours | Yes | None | Required |
41
-
| CF_AppSession |[CSRF](https://www.cloudflare.com/learning/security/threats/cross-site-request-forgery/) token used per application domain, scoped to individual applications behind Access | 24 hours | Yes | None | Required |
42
-
| CF_Device | Cookie used to help prevent abuse of the [Access OTP flow](https://developers.cloudflare.com/cloudflare-one/identity/one-time-pin/)| 30 days | Yes | Strict | Required |
|[CF_Authorization](/cloudflare-one/identity/authorization-cookie/#access-jwts) (team domain) |[JSON web token (JWT)](https://www.cloudflare.com/learning/access-management/token-based-authentication/) set on the `cloudflareaccess.com`[team domain](/cloudflare-one/faq/getting-started-faq/#what-is-a-team-domainteam-name) that contains the user's identity and enables Access to perform single sign-on (SSO) |<details><summary>View</summary>If set, adheres to [global session duration](/cloudflare-one/identity/users/session-management/#global-session-duration).<br/><br/>If not, adheres to [application session duration](/cloudflare-one/identity/users/session-management/#application-session-duration).<br/><br/>If neither are set, defaults to 24 hours.</details>| Yes | None | Required |
38
+
|[CF_Authorization](/cloudflare-one/identity/authorization-cookie/#access-jwts) (Access application domain) |[JSON web token (JWT)](https://www.cloudflare.com/learning/access-management/token-based-authentication/) set on the domain protected by Access that allows Access to confirm that the user has been authenticated and is authorized to reach the origin |<details><summary>View</summary>If set, adheres to [policy session duration](/cloudflare-one/identity/users/session-management/#policy-session-duration).<br/><br/>If not, adheres to [application session duration](/cloudflare-one/identity/users/session-management/#application-session-duration).<br/><br/>If neither are set, defaults to 24 hours.</details>| Admin choice (Default: None) | Admin choice (Default: None) | Required |
39
+
| CF_Binding | Refer to [Binding cookie](/cloudflare-one/identity/authorization-cookie/#binding-cookie)|<details><summary>View</summary>If set, adheres to [policy session duration](/cloudflare-one/identity/users/session-management/#policy-session-duration).<br/><br/>If not, adheres to [application session duration](/cloudflare-one/identity/users/session-management/#application-session-duration).<br/><br/>If neither are set, defaults to 24 hours.</details>| Yes | None | Optional |
40
+
| CF_Session |[CSRF](https://www.cloudflare.com/learning/security/threats/cross-site-request-forgery/) token used on the `cloudflareaccess.com`[team domain](/cloudflare-one/faq/getting-started-faq/#what-is-a-team-domainteam-name)| 4 hours | Yes | None | Required |
41
+
| CF_AppSession |[CSRF](https://www.cloudflare.com/learning/security/threats/cross-site-request-forgery/) token used per application domain, scoped to individual applications behind Access | 24 hours | Yes | None | Required |
42
+
| CF_Device | Cookie used to help prevent abuse of the [Access OTP flow](https://developers.cloudflare.com/cloudflare-one/identity/one-time-pin/)| 30 days | Yes | Strict | Required |
0 commit comments