
In IdentityServer4 what is the difference between the 'idsrv' and the 'idsrv.session' cookie?

I understand that the idsrv.session cookie is used to detect whether or not a user's session has changed. This cookie is part of the OIDC Session Management implementation that is provided in IdentityServer. What I then don't understand is what the idsrv cookie is used for. Can someone please explain?

Rob L asked Aug 31 '18 08:08


1 Answer

The .session cookie is only used by the session monitoring endpoint to detect if the current session has changed. You’ll notice that it is not set as HTTP only and thus can be accessed by script run by that endpoint. It is not the authentication cookie.

mackie answered Sep 21 '22 23:09
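How a session monitoring endpoint can use a script-readable cookie such as idsrv.session, sketched after the check-session iframe logic in the OIDC Session Management spec. This is an added example, not part of the answer above and not IdentityServer's own code; the function names, the hex SHA-256 encoding and the sample values are assumptions.

```javascript
const crypto = require("node:crypto");

const SESSION_COOKIE = "idsrv.session"; // cookie name taken from the question

// Read one cookie from a document.cookie-style string. HttpOnly cookies never
// appear in that string, so the session cookie has to be script-readable.
function readCookie(cookieString, name) {
  for (const part of cookieString.split(";")) {
    const [key, ...rest] = part.trim().split("=");
    if (key === name) return decodeURIComponent(rest.join("="));
  }
  return null;
}

// session_state = hash(client_id + " " + origin + " " + browser_state + " " + salt) + "." + salt
// (hex encoding is an assumption; implementations differ)
function sessionState(clientId, origin, browserState, salt) {
  const digest = crypto
    .createHash("sha256")
    .update(`${clientId} ${origin} ${browserState} ${salt}`)
    .digest("hex");
  return `${digest}.${salt}`;
}

// Handle a client message of the form "client_id session_state" and answer
// with one of the three replies the spec defines.
function checkSession(message, origin, cookieString) {
  const parts = message.split(" ");
  if (parts.length !== 2) return "error";
  const [clientId, claimed] = parts;
  const salt = claimed.split(".")[1];
  if (!clientId || !salt) return "error";
  const browserState = readCookie(cookieString, SESSION_COOKIE);
  if (browserState === null) return "changed"; // cookie gone: session ended
  const expected = sessionState(clientId, origin, browserState, salt);
  return expected === claimed ? "unchanged" : "changed";
}

// Constructed sample: what script sees. The HttpOnly idsrv cookie is absent.
const visibleCookies = "theme=dark; idsrv.session=abc123";
const origin = "https://app.example"; // constructed client origin
const issued = sessionState("spa", origin, "abc123", "s1");
console.log(checkSession(`spa ${issued}`, origin, visibleCookies)); // same session
console.log(checkSession(`spa ${issued}`, origin, "idsrv.session=zzz999")); // new session
```

The value carries only a session identifier for comparison, so script access to it does not expose the authentication cookie.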