Cookie Policy
We use a minimum set of cookies to keep you logged in. Analytics and marketing cookies are opt-in.
Draft. Engineering draft pending counsel review.
Last updated: 21 April 2026
Essential cookies (no consent required)
accessToken/refreshToken· JWT session cookies. Required for you to stay logged in.tokenone_sso_access/tokenone_sso_refresh· short-lived (60s) handoff cookies set by the SSO callback to deliver your session to the customer-cloud before redirecting. Deleted immediately after the handoff.cf_clearance,__cf_bm· set by our edge CDN (Cloudflare) for DDoS protection and bot management.
Preference cookies (no consent required)
user_mode· remembers your chosen Essential / Developer mode so it doesn’t reset each time you visit.tokenone:lastMode:<projectId>· last-used mode per workspace project.
Analytics cookies (opt-in)
If you consent, we set a first-party analytics cookie. It stores a random ID (not your email or name) so we can tell repeat visits from new visits in aggregate reports. Retention: 13 months.
Marketing cookies (opt-in)
If you consent to marketing cookies, we may set a conversion- tracking cookie when you arrive from a paid campaign. We never share identifiable data with ad networks. Retention: 90 days.
Managing cookies
You can change your cookie preferences at any time from the cookie banner at the bottom of every page, or inside the signed-in app at /privacy.
Questions: privacy@tokenone.io.