AdvancedAuth cookies in user browser for Private/Public computer

book

Article ID: 17133

calendar_today

Updated On:

Products

CA Rapid App Security CA Advanced Authentication CA API Gateway

Issue/Introduction

AdvancedAuth cookies in user browser for Private/Public computer



Could you please let us know the complete path and cookie details and what can be seen in the cookies when the user trust / untrust a device?

Environment

AA 8.2

Resolution

--> During 'Private Computer' flow, AFM sets a cookie by name 'ArcotAuthDid' with DeviceID values in the local storage as name/value pair. If local storage is disabled for a browser, then it falls back to HTTP browser cookie mechanism. As local storage is enabled by default for most of the browsers, so we are unable to see it as a Cookie. 

--> During 'Public Computer' flow, AFM doesn't set any cookie or write in local store.