Document Tree
Document Properties
Last Modified
Added to KB
Public Access
Doc Type
  • ICM 7.10
  • ICM 11
  • ICM 12
Concept - GDPR Cookie Content (valid to 12.0)


This concept is intended for developers who want to learn more about the contents of Intershop's cookies.


Cookie Content

All cookie configurations can be adjusted to meet the privacy and security needs of our customers.

The following table lists all cookies used in the standard product. Please note that customization of Intershop Commerce Management may extend this list. In addition, optional features such as Google Tag Manager may introduce additional cookies that are not part of this document.

NameCookieContentDescriptionNo User-Related ContentSessionHostOnlyReadOnlySame-SiteSecureOptional
Session Cookiesidhash
  • Browser session identification
  • Allow switching HTTP and HTTPS 
  • Allow over login/logout
Authentication CookieSecureSessionID-<site-id>user ref
  • Reference to authenticated user

(info) Contains reference to user

(tick) Does not contain login/password/name of user/addresses

Personalization Cookiepgid-<site-name>hash
  • Hash of personalization information
  • Used to cache pages or snippets for users with same personalization information
(tick) Hash does not reference any user or user/customer group(tick)(tick)(tick)
Basket Cookiecc-<cart-id>cart ref
  • References a cart for anonymous users

(info) Contains reference to cart

(tick) Does not contain login/password/name of user/addresses

A/B-Test Cookie<configured-value>-<ab-test-id>ab-test-group ref
  • Provides test-group-specific content (also for anonymous users)

(info) Mandatory for feature
Recently Viewed Itemsrvdata-<domain?>-productsproduct refs

(info) Mandatory for feature
REST API BridgeapiTokencart or user ref
  • Provides a functionality to switch between REST-based and HTML-based rendering

(info) Contains reference to user

(info) Contains reference to cart

(info) Mandatory for feature
Display Switch


  • Used to display overlay information for users who do not allow cookies at all

Part of demo template Set CookiesDisabledOverlay.isml 
OpenID Connect State


actual OIDC state, organization name, identity provider ID
  • Used to transfer some state between redirect to identity provider and back to ICM
  • Removed after redirection to ICM
  • Configurable using  intershop.authentication.oidc.stateCookieName

(info) Contains reference to user's organization

(tick) Does not contain login/password/name of user/addresses

(tick)(info) Mandatory for feature

The table contains the default values for cookies, see Guide - Secure URLs Only to use secure session and PGID cookies.

Related to Cookie Data

Cookies are intended to reference data in the application (database). Access to the database is limited.

Cookie Stored Reference to ObjectReferenceable Data in Database
usershipping, billing addresses, login, orders, customer
cartshipping, billing addresses
a/b test grouplist of users/customers
The information provided in the Knowledge Base may not be applicable to all systems and situations. Intershop Communications will not be liable to any party for any direct or indirect damages resulting from the use of the Customer Support section of the Intershop Corporate Web site, including, without limitation, any lost profits, business interruption, loss of programs or other data on your information handling system.
The Intershop Knowledge Portal uses only technically necessary cookies. We do not track visitors or have visitors tracked by 3rd parties. Please find further information on privacy in the Intershop Privacy Policy and Legal Notice.
Knowledge Base
Product Releases
Log on to continue
This Knowledge Base document is reserved for registered customers.
Log on with your Intershop Entra ID to continue.
Write an email to if you experience login issues,
or if you want to register as customer.