Cookies
Nextcloud only stores cookies needed for Nextcloud to work properly. All cookies comes from your Nextcloud server directly, no 3rd-party cookies will be sent to your system. Regarding GDPR, only data which contain personal data are relevant.
Cookies stored by Nextcloud
Type |
Name |
Value |
Purpose |
Creation |
Lifetime |
|---|---|---|---|---|---|
Session cookie |
|
A random PHP session ID. |
Used to identify the user
on the server.
|
At first load. |
At the end of the browser’s session. |
Session cookie |
|
A random token. |
Used to decrypt the session’s
data on the server.
|
At first load. |
At the end of the browser’s session. |
Same-site cookies |
|
|
See note below for the purpose. |
At first load. |
Forever. |
Same-site cookies |
|
|
See note below for the purpose. |
At first load. |
Forever. |
Remember-me cookies |
|
|
At login if the
user selected the
Remember-me checkbox.
|
Defaults to 15 days.
Can be configured by setting:
remember_login_cookie_lifetime. |
|
Download helper |
|
A random token. |
Help to manage file download. |
When a download is started. |
20 seconds. |
The same-site cookies are used to determine how a request reaches the Nextcloud server. We use them to prevent CSRF attacks. No identifiable information is stored in those. The rest of the cookies are strictly used to identify the user to the system.