Sprinklr Live Chat Cookies and Storage Details
Updated
This article provides a comprehensive overview of the cookies and storage used by Sprinklr's live chat solutions.
Overview
Cookies are small data files that a website sends to a visitor's web browser, which are then stored on the visitor's device. These cookies help the website remember information about the visitor's interaction with the site. When the visitor returns to the website, the browser sends the stored cookie data back to the site, allowing for a more personalized and seamless experience.
Local storage is a method used by web browsers to store data locally on the user's device. Unlike cookies, data stored in local storage persists even after the browser is closed and reopened.
How Sprinklr Live Chat Utilizes Local Storage and Cookies
Live Chat employs various storage mechanisms to manage live chat sessions
General Storage Mechanisms
Identifier | Purpose | Storage Type |
spr-chat-token-<app_id> | Contains a JWT token which is a unique identifier for a user. It ensures that conversations for a user persist across browser refresh on the same site so that a user can refer/go back to their past conversations* | Local storage or cookie depending on use case. For more details refer below |
AWSALB, AWSALBCORS | Associated with Amazon Web Services (AWS) infrastructure, these cookies are used for maintaining sticky sessions, enhancing performance through efficient request routing and managing scalability & security. These cookies do not contain any user data. For further insight into the functionality and usage of these cookies, please refer to the AWS documentation here: AWS Sticky Sessions Documentation.
| Cookie
Duration – 7 days |
*Additional Information:
The chat token, spr-chat-token-<app_id> does not contain any user Personally Identifiable Information (PII). It includes the user’s profile id generated at Sprinklr's end along with other information such as chat application id, issuer, partner id, etc.
When stored in local storage, spr-chat-token-<app_id> is not accessible across different origins or domains. To persist the live chat user session across different domains (e.g., a.xyz.com and b.xyz.com), local storage cannot be used due to cross-origin restrictions. To address this, the sessionOrigin parameter in sprChatSettings must be used to enable session persistence across related subdomains. We can either store session details at brand's sub domain level (xyz.com) or at sprinklr.com domain level.
Cookie Storage Solution: This solution utilizes storing cookies against the common subdomain mentioned in the sessionOrigin. We rely on the navigator.cookieEnabled flag. Storage access may fail if the user's browser is configured to block all cookies or if the sessionOrigin does not match the website domain.
Embedded Hidden Iframe Solution: This solution utilizes an embedded hidden iframe placed on each page where the live chat is embedded via the live chat code itself. The iframe is hosted on the sprinklr.com domain, and all data can be stored within the local storage of the iframe's window interface. We rely on the document.hasStorageAccess function. Access to this may fail if the user's browser is configured to deny third-party cookies or block all party cookies.
Feature-based storage
Co-browse
Sprinklr leverages the third-party library Cobrowse.io to facilitate collaborative browsing and real-time navigation with customers. This tool also allows agents to share their screens with customers, enhancing the support experience.
Cobrowse.io uses various identifiers and session details to facilitate and manage cobrowsing sessions. These elements help in uniquely identifying devices, and sessions to ensure a seamless and secure co-browsing experience. The data is set up when the co-browse session starts. Below is a detailed list of these elements, and their purposes.
Cobrowse.io Data Storage Details
Identifier | Purpose | Storage Type |
cobrowse-account | Stores account’s license key. | Local storage |
_cobrowse_device_id | Stores the Device ID being co-browsed. | Local storage |
_cobrowse_window_id | Stores Window ID. | Local storage |
_cobrowse_active_session | Stores active session details. | Local storage |
_cobrowse_device_registration | Stores device registration time and other details. | Local storage |
Data Collection and Privacy
Sprinklr's live chat system is designed to minimize the collection of user-specific data, focusing only on essential session metadata required for effective support. This includes User Agent, Time Zone, Locale, Page Title, Page Url, if available, which are used solely within the session context for personalized service delivery.