FewCookies

Cookie glossary · Strictly necessary

What is the __Secure-next-auth.session-token cookie?

Secure session token used by NextAuth.js for authentication. It is set by NextAuth.js and classified as "Strictly necessary". No consent required.

At a glance

Provider NextAuth.js
Category Strictly necessary
Consent required? No
Typical domain Varies (first-party)

How FewCookies handles this cookie

FewCookies recognises __Secure-next-auth.session-token from our database of 1,300+ known cookies and classifies it automatically as "Strictly necessary". The free check tells you whether this cookie is detected on your site and whether your banner handles it correctly — an instant, surface-level check, no account needed.

Check your site for free →

Frequently asked questions

Do you need consent for the __Secure-next-auth.session-token cookie?

No. __Secure-next-auth.session-token is a strictly necessary cookie, exempt from consent under Article 5(3) of the ePrivacy Directive and Law 506/2004. You may use it without the visitor's prior agreement.

What does the __Secure-next-auth.session-token cookie do?

Secure session token used by NextAuth.js for authentication.

Who sets the __Secure-next-auth.session-token cookie?

The __Secure-next-auth.session-token cookie is associated with NextAuth.js and is classified as strictly necessary.