- 05 Jul 2023
- 1 minute to read
Cookie policy
- Updated on 05 Jul 2023
- 1 minute to read
When we use cookies
Totara only uses cookies when absolutely required. As such, the number of cookies is absolutely minimal.
In order to track users between requests a session cookie is used. This is unavoidable, and Totara will not function if this cookie is blocked.
The areas described below are where cookies are used to provide additional functionality. The functionality can be disabled and the cookies will never be generated or looked for.
Session cookie
Totara uses a cookie to track the user's session.
This cookie is created for every user who browses any page on the site. The cookie is given the name TotaraSessionXXX, where XXX is determined by $CFG->sessioncookie.
Remember username cookie
Totara uses a cookie to remember the user's username if the equivalent option is checked on the login page.
This cookie is created by the login page after the user logs in, if the remember username functionality is set to On, or if the functionality is set to optional and the user has checked the Remember username box on the login screen.
The Remember username functionality can be disabled by going to Quick-access menu > Security > Site policies and setting Remember username to No. This cookie is given the name TOTARAID_XXX, where XXX is determined by $CFG->sessioncookie.
Shibboleth
If the Totara site has been configured to use a Shibboleth provider for authentication then the Shibbotleth authentication plugin will create a cookie to facilitate its functionality.
This cookie is only created if the Shibboleth plugin has been enabled and configured for use.
In all versions of Totara this cookie is given the name _saml_idp.
© Copyright 2024 Totara Learning Solutions. All rights reserved. Some content originally obtained via GPLv3 license and continues to be available under GPLv3. All other content is the sole copyright of Totara Learning Solutions.