Cookie content and expire information (hubspotapi -like)SOLVE
Jul 23, 2020 5:36 AM
My name is Julio. I am currently working in a integration of some of your endpoints to different DBs. I was asked a certain question that I don't know exactly how to answer.
There are some resources taken from endpoints like:
And there are some cookies that are needed such as `hubspotapi`, `hubspotapi-prefs`, or `hubspot.hub.id`. This cookies are given by our customer.
Is it possible to know the expiration time (if any) or the content (if any of them is encrypted with sensitive information)?
I can see the `hubspot.hub.id` in hubspot-cookie-security-and-privacy but I can't see `hubspotapi`.
Solved! Go to Solution.
Jul 24, 2020 4:00 AM
Happy to help clarify this!
hubspotapi - This cookie allows the user to access the app with the correct permissions. the cookie itself is short-lived (5mins), but the authorization will persist for 28 days if "remember me" is checked, or for 7 days if not checked. After that, we make the user login again.
hubspotapi-prefs - This is used with the hubspotapi cookie to remember whether the user checked the "remember me" box (controls the expiration of the main cookie's authentication). Expires after a year.
hubspotapi-csrf - This is used for CSRF prevention - preventing third party websites from accessing your data. Expires after a year.