Documentation Index

Fetch the complete documentation index at: https://docs.document360.com/llms.txt

Use this file to discover all available pages before exploring further.

Cookie usage

Prev Next

Document360 uses cookies to maintain session data, authenticate users, and ensure the knowledge base functions correctly. All cookies set by Document360 are essential — they are required for the platform to work and do not collect personal data, track users across sites, or serve marketing purposes. Understanding how these cookies work helps you assess your compliance obligations and configure your knowledge base with confidence.


How cookies work in Document360

Document360 sets a small, fixed set of essential cookies. There are no tracking pixels, retargeting cookies, or marketing identifiers. Analytics rely on server-side processing rather than cookie-based personal tracking. Cookies are scoped to the browser in which they are created and are not shared across devices or platforms.

Cookies set by Document360

The following cards describe every cookie Document360 sets, what data it holds, and how long it is retained.

__cf_bm cookie

Access type Private / Public
Purpose Security
Essential Yes
Retention 30 minutes

Data collected

  • A unique session identifier used for bot scoring.
  • Computed behavioural and performance metrics from Cloudflare.
  • An encrypted bot-detection token to validate whether the request is from a trusted user or a suspected bot.
  • A timestamp.

No personal data is collected.

Used for

  • Its purpose is to distinguish between legitimate human traffic and automated/bot traffic.

  • It helps Cloudflare protect the site from malicious bots without requiring additional challenges (like CAPTCHAs).

  • It ensures the site remains available, performant, and secure by filtering harmful automated traffic.

kb_version cookie

Access type Private / Public
Purpose Version detection
Essential Yes
Retention 24 hours

Data collected

A single version number (1 or 2) identifying which generation of the knowledge base site is being served.

Used for

Routes incoming requests to the correct load balancer based on which version of the KB site the request belongs to.

connect.sid cookie

Access type Private only
Purpose Authentication
Essential Yes
Retention 24 hours, rolling expiry from last activity

Data collected

Authentication claims by Identity Server

Used for

The authentication cookie, managed by the Identity Server, securely stores encrypted session information to provide safe, seamless, and continuous user access. The connect.sid cookie is not applicable for public projects.

NOTE

The connect.sid cookie is not a session-only cookie. It is not removed when the browser is closed. Instead, it follows a rolling 24-hour expiry: each user interaction resets the timer, and the cookie expires automatically and is removed from the browser after 24 hours of inactivity.


Cookies from third-party integrations

Document360 does not control cookies introduced by customer-configured integrations, embedded media (such as video players), or custom scripts added to the knowledge base site.

Third-party services configured by you may set additional cookies in the user's browser. These cookies are introduced dynamically by the external provider and are outside Document360's management or visibility. Document360 does not process or access data collected through these external cookies.

As the knowledge base owner, you are responsible for:

  • Reviewing the cookies set by your third-party integrations.
  • Assessing each provider's privacy and data processing practices.
  • Updating your cookie and privacy policies to reflect third-party cookies.
  • Configuring consent mechanisms where required by applicable regulations.

FAQ

Are all cookies used by Document360 strictly necessary?

Yes. All cookies set by Document360 are essential for platform functionality — authentication, security, and version routing. Disabling them may affect the platform's performance and user experience.

Does Document360 use tracking pixels or retargeting cookies?

No. Document360 does not use tracking pixels, retargeting cookies, or marketing identifiers of any kind. Only essential cookies required for authentication, security, and routing are set.

Can users delete Document360 cookies?

Yes. Users can manually delete cookies at any time through their browser settings. Deleting the connect.sid cookie will end the current session and require the user to log in again.

Does Document360 provide control over cookie settings?

Document360's own essential cookies cannot be disabled without breaking platform functionality. However, you can manage cookies introduced by third-party integrations using cookie consent plugins, allowing users to enable or disable non-essential cookies as needed.

Are IP addresses stored in cookies for analytics or tracking?

No. IP addresses are not stored in browser cookies. They are transmitted as part of the HTTP request and processed server-side only — for IP-based access restrictions and location-level analytics. No IP data is persisted in the browser, and no additional tracking is involved.