Session Flo logoSession Flo
🍪

Cookie Policy

This page lists the cookies Session Flo uses, what each one does, and whether it is essential for the site to work.

Last updated: 25 May 2026

How choices work on Session Flo

Essential cookies are always used because they support sign-in, security, and saved interface preferences.

Non-essential cookies are limited to analytics cookies. These are only used when you choose Accept all in the cookie banner.

You can also read our Privacy Policy for broader details about how we handle personal data.

Essential cookies

These cookies are required for core functionality, security, or saving a setting you have asked us to remember.

Cookie name

sf_cookie_consent

What it is used for

Remembers whether you accepted all cookies or rejected non-essential cookies.

What information it stores

Your cookie preference choice only.

When it is used

Set after you make a choice in the cookie banner.

Cookie name

authjs.session-token or __Secure-authjs.session-token

What it is used for

Keeps signed-in users authenticated between page loads.

What information it stores

An encrypted session token linked to your account session.

When it is used

Set when you sign in.

Cookie name

authjs.callback-url or __Secure-authjs.callback-url

What it is used for

Returns you to the right page after sign-in.

What information it stores

The callback URL for the sign-in flow.

When it is used

Set during authentication flows.

Cookie name

authjs.csrf-token or __Host-authjs.csrf-token

What it is used for

Helps protect sign-in and other sensitive requests against CSRF attacks.

What information it stores

A security token used to validate the request.

When it is used

Set during authentication flows.

Cookie name

authjs.pkce.code_verifier, authjs.state, authjs.nonce

What it is used for

Protects Google and Microsoft OAuth sign-in flows and validates the provider response.

What information it stores

Short-lived cryptographic values used only during sign-in. On HTTPS pages these may use secure cookie prefixes.

When it is used

Temporarily set while completing OAuth sign-in.

Cookie name

sidebar_state

What it is used for

Remembers whether the dashboard sidebar is expanded or collapsed.

What information it stores

A simple true or false preference value.

When it is used

Set when you toggle the dashboard sidebar.

Non-essential cookies

These cookies help us measure and improve the site, but they are optional.

Cookie name

_ga and related _ga_* cookies

What it is used for

Measures page views and product usage so we can understand how Session Flo is used and improve it.

What information it stores

Pseudonymous analytics identifiers and usage information such as pages viewed and basic engagement data.

When it is used

Only set if you choose Accept all and Firebase Analytics is configured for the site.