Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo

All

  • All
back

IDAAS core

Uniquely identify guests

search

Uniquely identify guests

The OneWelcome Identity Platform supports tracking users anonymously before they log in.

This feature is set at the tenant level in the system features config.

Guest ID cookies

When this feature is enabled, the OneWelcome Identity Platform uses a guest_id cookie to keep track of users anonymously before they log in. This cookie is set when your front end triggers a silent authentication request. Your portal sends an authentication request with prompt=none, which indicates that the OneWelcome Identity Platform should check for an existing session. If there is an active session, the OneWelcome Identity Platform responds with a successful authentication response. If there is no session, the platform responds with an authentication error response. This error response also contains the guest_id as a query parameter.

Example

HTTP/1.1 302 Found
Location: https://client.example.org/cb?
  error=login_required
  &state=af0ifjsldkj&guest_id=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx

If the guest_id cookie was already set via a previous authentication attempt, its value does not change. If no existing value was sent, the OneWelcome Identity Platform generates a unique GUID value for this user and sets the cookie. The guest_id cookie expires after 1 year (31536000 seconds).

This guest_id cookie can be used across customer brands that share the same OneWelcome Identity Platform. In practice, this means each brand or service must use the same (sub)domain when accessing the OneWelcome Identity Platform. This allows them to see what anonymous users are doing across their services.

On this page