Adobe Target cookies
Adobe Target uses cookies to give website operators the ability to test which online content and offers are more relevant to visitors.
at.js
). See Adobe Experience Platform Web SDK cookies for information on Target implementations using the Web SDK.First-party cookies
The following first-party cookies are stored on the customer’s domain:
mbox
Stores anonymous identifiers about the visitor.
Cookie domain: The domain from which you serve the mbox. Because this cookie is served from your company’s domain, the cookie is a first-party cookie. If any of your domain names include a country code, such as example.co.uk
, work with Client Services to configure at.js
to support this code. For information about customizing the cookie domain, if necessary, see cookieDomain
under targetGlobalSettings in the Adobe Target developer guide.
Server domain: clientcode.tt.omtrdc.net
, using the client code for your Adobe Target account.
Cookie duration: The cookie remains on the visitor’s browser two years from the last login. You cannot change the cookie duration.
The cookie keeps some values to manage how your visitors experience Target activities:
session ID: A unique identifier for a given user session. By default the session expires after 30 minutes of inactivity. If you are generating sessionId
yourself (for example, for server-side implementations), ensure the following:
- The session ID can be any printable string except a space, question mark ( ? ), or a forward slash ( / ).
- The session ID should be from 1 to 128 characters in length.
- For a particular session, the cookie’s value must stay the same across multiple requests.
- You should never have parallel sessions (distinct
sessionIds
) for a given visitor at any point in time.
Routing to a particular node in the edge cluster is done using session ID.
- The session is active for 30 minutes on the server side. Therefore, you shouldn’t use a different session Id for a particular
tntId/thirdPartyId
within 30 minutes of the last request made with thetntId/thirdPartyId
. Otherwise, changes to the profile could be inconsistent and unpredictable. - A new session ID must be used after thirty minutes of inactivity from a visitor.
- Using the same session ID with multiple
tntIds/thirdPartyIds
can cause unpredictable changes to the profiles identified by thetntId/thirdPartyIDs
.
NOTE: See limit on number of concurrent requests for a given session ID.
pc ID: A semi-permanent ID for a visitor’s browser. Lasts until cookies are manually deleted.
check: A simple test value used to determine if a visitor supports cookies. Set each time a visitor requests a page.
disable: Set if a visitor’s load time exceeds the timeout configured in the at.js file. By default, this timeout lasts one hour.
at_check
mboxEdgeCluster
true
.It is not possible to use HTTPOnly
on the these first-party cookies. The at.js
JavaScript library needs to read/write to these cookies. These cookies are created by at.js
and are not set from the server.
The secure
setting can be enabled on all of these cookies using the secureOnly: true
configuration in at.js
.
Third-party cookies
Adobe Target users can create customized third-party cookies. The following third-party cookies are stored on tt.omtrdc.net
:
customerclientcode!mboxPC
customerclientcode!mboxSession
These third-party cookies are HTTPOnly out of the box and are set by Adobe Target data collection servers.
The secure
setting can be enabled on all of the cookies using the secureOnly: true
configuration in at.js
.