The areas described below are where cookies are used to provide additional functionality. The functionality can be disabled and the cookies will never be generated or looked for.
Totara uses a cookie to track the users session.
This cookie is created for every user who browses any page on the site.
- This cookie is given the name TotaraSessionXXX where XXX is determined by $CFG->sessioncookie.
Remember Username cookie
Totara uses a cookie to remember the users username if the equivalent option is checked on the login page.
This cookie is created by the login page after the user logs in if the remember username functionality is set to On, or if the functionality is set to optional and the user has checked the remember username box on the login screen.
The remember username functionality can be disabled by browsing to Site administration > Security > Site policies and setting Remember username (rememberusername) to No.
- This cookie is given the name TOTARAID_XXX where XXX is determined by $CFG->sessioncookie.
If the Totara site has been configured to use a Shibboleth provider for authentication then the Shibbotleth authentication plugin will create a cookie to facilitate its functionality.
This cookie is only created if the Shibboleth pluggin has been enabled and configured for use.
In all versions of Totara this cookie is given the name _saml_idp.