We are switching off article comments on this website. Read about the upcoming changes to Atlassian Documentation.
Atlassian Cloud uses Seraph, an open source framework, for .
You can read about cookies on the Wikipedia page.
The following cookies are in use:
studio.crowd.tokenkeyauthentication cookie is used for single sign-on (SSO) between Atlassian Cloud applications. Like the JSESSIONID cookie, this cookie also contains a random string and the cookie expires at the end of every session or when the browser is closed.
For the original login functionality: The 'remember my login' cookie (aka the 'remember me' cookie),
seraph.rememberme.cookie, is generated by Atlassian Cloud when the user selects the Remember my login on this computer check box on the login page.
ondemand.autologin, is generated by Atlassian Cloud when the user selects the Remember me check box on the login page.
The 'remember my login' cookie is a long-lived HTTP cookie. This cookie can be used to authenticate an unauthenticated session. Atlassian Cloud generates this cookie when the user selects the Remember my login on this computer check box or Remember me on the login page.
The cookie contains a unique identifier plus a securely-generated random string (i.e. token). This token is generated and stored by Atlassian Cloud.
When a user requests a web page, if the request is not already authenticated via session-based authentication or otherwise, Atlassian Cloud will match the 'remember my login' cookie (if present) against the token (also if present), stored for the user by Atlassian Cloud.
If the random string matches the value stored in the database and the cookie has not expired, the user is authenticated.
The value is the system default value and is not configurable.
There are several cookies in the cloud that are used for storing basic presentation states, such as the number of log lines to show, and which tab was previously selected etc.. They are:
|Cookie Key||Purpose||Cookie Contents||Expiry|
Helps prevent XSRF attacks. Ensures that during a user's session, browser requests sent to an Atlassian Cloud instance are originated from that Cloud instance. For more information about XSRF checking by JIRA, see Form Token Checking on the Atlassian Developers site.
|Your Atlassian Cloud service's Server ID, a securely-generated random string (i.e. token) and a flag that indicates whether or not the user was logged in at the time the token was generated.||At the end of every session or when the browser is closed.|
|studio.project.rec.used.cookie||Stores the most recently used projects. Used by Atlassian Cloud to track recently viewed projects for the user.||The project keys of all the recently viewed projects, each seperated by the string '-_-'.||One year from the date it is set or was last updated.|
Tracks which general tabs were last used or expansion elements were last opened or closed.
|One or more key-value strings that indicate the states of your last general tab views or expansion elements.||One year from the date it is set or was last updated.|