At a glance
| Provider | Django |
|---|---|
| Category | Strictly necessary |
| Consent required? | No |
| Typical domain | Varies (first-party) |
Do you need consent for csrftoken?
No. csrftoken is a strictly necessary cookie, exempt from consent under Article 5(3) of the ePrivacy Directive and Law 506/2004. You may use it without the visitor's prior agreement.
This is general guidance, not legal advice — always verify with a lawyer.
How FewCookies handles this cookie
FewCookies recognises csrftoken from our database of 1,300+ known cookies and classifies it automatically as "Strictly necessary". The free check tells you whether this cookie is detected on your site and whether your banner handles it correctly — an instant, surface-level check, no account needed.
Frequently asked questions
Do you need consent for the csrftoken cookie?
No. csrftoken is a strictly necessary cookie, exempt from consent under Article 5(3) of the ePrivacy Directive and Law 506/2004. You may use it without the visitor's prior agreement.
What does the csrftoken cookie do?
CSRF token generated by the Django framework to secure forms.
Who sets the csrftoken cookie?
The csrftoken cookie is associated with Django and is classified as strictly necessary.