What is the purpose of the cookie X-UAId?

ServiceStack Authentication
1

Hi,
I am tasked with describing the purpose of all cookies sent to our clients.
ServiceStack docs on session, authentication and authorization describes cookies well, but I can find no mention of the cookie named X-UAId, which is also being sent.

Browsing the source code, it seems the cookie value is used for getting userAuthId when logging requests. Can you confirm this is the case, and is there anything else I should know about this cookie?

Best regards, Anders

2

It contains the authenticated user’s Id. It’s unnecessary metadata and can be disabled by overriding SetCookieFilter() in your AppHost:

public override bool SetCookieFilter(IRequest req, Cookie cookie) => 
    cookie.Name == HttpHeaders.XUserAuthId 
       ? false 
       : base.SetCookieFilter(req, cookie);
1 Like