About Userlane cookies
While providing services to end users, the Userlane Digital Adoption Platform may place several essential Cookies on an end user’s browser. The number is determined based on:
- End user's permissions. For example, additional Cookies will be placed on the end user’s web browser if the end user authenticates to the Portal (see the wiki documentation on Userlane Portal roles for more information).
- Userlane configuration. For example, additional Cookies may be placed if analytics is enabled.
Essential Cookies are used for required processing to allow for the measurement and improvement of digital adoption on specific applications. For the avoidance of doubt, this processing is required to provide the Userlane service and is covered by Art. 6(1)(b) GDPR, which does not require active consent from the end user.
List of Cookies
Here is a summary of all Cookies and LocalStorage items that Userlane’s embeddable frontend package (userlane.js) might store on the user’s device.
| Name | Type | Purpose | Storage Duration | Required |
|---|---|---|---|---|
| userlane-context | Cookie | Storing status of the UI and related context of Userlane | 5 minutes | Yes |
| userlane-app-session | Cookie | Storing status of Userlane analytics session | 30 minutes | Only when HEART analytics is enabled |
| userlane-user | Cookie | Identify the user to show consistent status of content (e.g. mark guide as done) | 5 years | Only in cases when no user identifier is passed into the Snippet |
| userlane-assistant-context | LocalStorage | Storing status of the UI and related context of Userlane | indefinitely | Yes |
| AUTH_SESSION_ID | Cookie (third-party) | Storing the user authentication session ID. | Session | Yes (if end user has access to the Portal) |
| KEYCLOAK_IDENTITY | Cookie (third-party) | Storing a token used to verify the identity of the user. | Session | Yes (if end user has access to the Portal) |
| KEYCLOAK_SESSION | Cookie (third-party) | Storing information about the user session. | Session | Yes (if end user has access to the Portal) |
Detailed information on the cookies and local storage items listed above:
| Name | Detailed information |
| userlane-context | It has two purposes:
|
| userlane-app-session | It contains app session information which is used for Userlane-related analytics. With this Cookie, the app analytics events can be aggregated and assigned correctly. It is stored in a Cookie so the user session can be tracked correctly. |
| userlane-user | This cookie is only used for a special implementation case when there is no user ID passed within the snippet. In this case, Userlane generates a random ID and stores this ID in this cookie. It is used so the Userlane assistant can show the end user the correct progress (e.g. played guides or announcements already shown). |
| userlane-assistant-context | It contains information about the state of the Assistant. For example, the user can move the Userlane Assistant to different positions by dragging and dropping it around. This position (e.g., “bottom-right”) is stored in this local storage entry so that the Assistant can be displayed correctly for each user based on their preference. |
| AUTH_SESSION_ID | It contains the ID of the authentication session for a user during the authentication process. It is used by Keycloak to identify the user in the authentication flow (e.g., after the user has typed the email, before the password is typed). |
| KEYCLOAK_IDENTITY | It contains an authentication token for an authenticated user in the format of JWT (JSON Web Token). It contains information about the user, its authorization roles, and other information useful for the application to determine and identify the user and its permissions. |
| KEYCLOAK_SESSION | It contains the ID of the session for an authenticated user. It is used by Keycloak to determine if a user is logged in. |
