Heap’s tracking code uses first-party cookies set by your domain, and does not rely on third-party cookies for tracking. For this reason, Heap will continue to collect first-party cookies even if third-party cookies are blocked.
Heap may set the following cookies at any given time.
|User cookie (stores user_id, identity, other IDs)
|Session properties cookie (stores timestamp and cookie domain/path)
|Event properties cookie (stores properties set by the addEventProperties API)
|Used to determine which domain a cookie can be set on (since public suffix domains block setting cookies on the top level)
|Should not persist
|Contains replay user properties (user ID, user identity, and some user metadata)
|Contains replay session properties (replay session ID, session timestamp, and some session metadata)
*Only for accounts that have session replay enabled