Cookie Policy
Last updated: February 24, 2026
This Cookie Policy explains how UniAuth.ID uses cookies and similar technologies when you visit our platform at uniauth.id.
What are cookies?
Cookies are small text files stored on your device by your web browser. They are widely used to make websites function, improve efficiency, and provide information to site owners.
Cookies we use
UniAuth.ID uses a minimal set of cookies — only what is strictly necessary for the platform to function. We do not use advertising or tracking cookies.
| Cookie | Purpose | Duration | Type |
|---|---|---|---|
auth_token | Maintains your authenticated session after login | 7 days | Essential |
theme | Remembers your light/dark mode preference | 1 year | Functional |
webauthn_challenge | Temporary storage for passkey authentication challenge | 5 minutes | Essential |
Cookie attributes
Our authentication cookie (auth_token) is configured with the following security attributes:
- httpOnly: Cannot be accessed by JavaScript (prevents XSS attacks)
- secure: Only transmitted over HTTPS in production
- sameSite=lax: Prevents cross-site request forgery
- path=/: Available across the entire site
Third-party cookies
UniAuth.ID does not set any third-party cookies. When you connect an OAuth provider (Google or GitHub), those providers may set their own cookies during the OAuth flow on their domains. Please refer to their respective privacy policies for details.
Managing cookies
You can control cookies through your browser settings. Disabling essential cookies will prevent you from logging in. Most browsers allow you to:
- View all cookies stored on your device
- Delete all or specific cookies
- Block cookies from specific sites
- Block all third-party cookies
Changes
We may update this Cookie Policy if we introduce new cookies. We will update the “last updated” date at the top of this page.
Contact
Questions about our use of cookies? Contact us at [email protected].