GOV.UK PaaS puts small files (known as ‘cookies’) onto your computer.

Cookies are used to:

  • remember you once you've signed in
  • keep your session open
  • avoid malicious requests

Find out how to manage cookies.

Session cookies (strictly necessary)

We store session cookies on your computer to help keep your information secure when you sign into the service.

Name Purpose Expires
JSESSIONID This is set to identify your session when you close the browser
__VCAP_ID__ This is used with JSESSIONID to route your request to the right application instance (‘sticky session’) when you close the browser
X-Uaa-Csrf This is set to verify that your requests haven’t been tampered with by a malicious third party 1 day