Product Cookies

ASP.NET_SessionID

Expires on sign out or closing browser

To associate user activity with a particular logged in user

Product and service will not work at all (you cannot sign in)

eoc2<guid>

30 days

Allows a particular browser to access message history

No message history will be displayed

waoptions

365 days

Contains various persistent web access settings, including a unique reference that identifies the recipient of secure emails and their browser

No significant effect but, for example,: (i) the intro page will be shown to you on each visit; (ii) the cookie banner will always show up; and (iii) a recipient rejecting it will need to authenticate through web-reader each time to access a secure email’s Content

AWSALB

7 days

AWS ELB application load balancer

Performance degradation or service will not be available

AnnouncementCookie

Session

Captures whether announcements have been read or should appear to user on logon

Users will see what’s new notifications upon logon

AWSALBCORS

7 days

This cookie is managed by AWS and is used for load balancing. AspNetCore.Cookies

Performance degradation or service will not be available

.AspNetCore.Cookies

7 hours

To keep a logged on session open

Unable to login

mfaModal Displayed

10 years

Remember if the user has read initial information presented for MFA

MFA info will show every time

session

Session

User identification between requests

Product and service will not work at all

lastFileinboxView

360 days

Remember when the user last checked the file inbox to decide on notifications

User will be notified about all historical file inbox items

lastLoginServer

31 days

Remember the authentication server used, to prioritise at top of selection list

User will always see default ordering of login servers

qs_id

Session

Allows access to anonymous quickshare links that are protected by policy

Access will be denied

.AspNetCore.Session

Session

https://learn.microsoft.com/en-us/aspnet/core/fundamentals/app-state?view=aspnetcore-6.0

see the 'Session Options' section.  It also prevents certain robots trying to forge reqests to us see https://learn.microsoft.com/en-us/dotnet/fundamentals/code-analysis/quality-rules/ca5391

The form will not function.

.EgressSecureForms.Authentication

Session

if the form uses makes the user log into ESI / SDX first this cookie is there to tell the product they are logged in / authenticated.  We use this to temporarily save data as a customer fill in the form usually on big forms that take days to fill out

Incomplete forms will have to start over from the beginning.

.EgressSecureForms.Culture

Session

Tracks what language and locale the users' browser or computer is using which can help default the language the form uses when a form that offers itself in multiple languages

User locales and language settings will not be applied to the session

tnpSession

4 hours

Contains user’s session ID.  Set and removed each time the user logs in/logs out

The user will not have a valid session and therefore will not be able to use the site

acceptedDataPrivacyPolicy– [userId]

91 days

Checks whether the user has accepted the data privacy warning

The user will have to accept the data privacy notice each time they log-in

acceptedCookieUsage-[userId]

91 days

Checks whether the user has clicked “accept” on the cookie banner

The cookie notice will appear each time the user uses the site

.AspNetCore.Cookies.UK

Session

Delivers the user menu

The user menu will present an error and not be able to use the service.

ASP.NET_SessionID

Expires on sign out or closing browser

To associate user activity with a particular logged in user

Product and service will not work at all (you cannot sign in)

ASP.NET_SessionID

365 days

Remember the default state of user interface components

User interfaces will revert to the default settings