Working with cookies

A cookie is a small piece of data that a website asks your browser to store on your computer or mobile device. The cookie allows the website to "remember" your actions or preferences over time.

Kentico provides an extensible framework, built around cookie levels, for manipulating cookies – from assigning specific levels of allowed cookies to users and contacts, to registering completely custom cookies and their corresponding cookie levels.

Setting the default cookie level

A site's default cookie level determines which cookies the system stores in users' browsers by default. To set the default cookie level:

  1. Open Settings application and select the System category.
  2. Under the Cookies heading, select a Default cookie level.
    • For an overview of individual cookie levels, see Cookie levels.
  3. Click Save.

The system now uses the selected cookie level when evaluating which cookies should be stored in users' browsers. 

Cookie levels

Kentico classifies cookies into several levels according to their purpose. The levels allow you to set cookie levels for users. The following are the default levels available in the cookie API (CMS.Helpers.CookieLevel class):

Cookie level Description
None (-1000) Absolutely no cookies are allowed, including the cookie that stores the cookie level selected for users. This makes sense only if you want to disable absolutely every cookie by default.
System (-100) This level allows the session cookie, and the CookieLevel cookie used to store the cookie level selected by the user. In terms of the end user and the Cookie law, this means "Cookies are not allowed".
Essential (0) Cookies required for all website functionality needed by site visitors. This includes authentication, language selection, votes in polls, etc. From the visitor's perspective, this means "Allow only cookies that I may need, but do not track me".
Editor (100) Cookies required for correct administration interface functionality. For example used to track the selected view mode, remember tabs and sliders, etc.
Visitor (200)

All cookies that are not assigned to an explicit level are considered to be cookies identifying the visitor, i.e. user tracking cookies, which are not really needed, but are useful for the site owner if using EMS.

This level is used for all custom cookies by default. You can register custom cookies to adjust their assigned cookie level.

All (1000) Allows all cookies, no matter what their level is. From the site visitor's perspective this means "Allow all cookies now and in the future".

The numbers associated with each cookie level are integer constants, which allows you to further customize the granularity of available cookie levels. The levels 'None' and 'All' are set to an absolute value of 1000 to provide enough space for future Kentico updates or developer-specified custom levels.

Automatic tracking of contacts and their activities only works for new visitors if the Default cookie level setting is set to 'Visitor' or 'All'. For more information, see Working with consents.

For simplicity, there are 3 main levels, which represent the choices offered to visitors by the provided cookie web parts when asking for consent to use cookies:

Simplified cookie level Corresponding API level Description
No cookies System Enables the minimum cookies required for the website to work, and remembers whether the user allows cookies or not.
Only essential cookies Essential Enables all cookies required for website functionality, but no tracking cookies.
All cookies All Enables all cookies used on the website.

Automatic cookie consent for administrators and editors

If a user signs in to the Kentico administration interface, cookies are automatically enabled to provide full editing functionality. The system assumes that working in the administration interface identifies a user as staff, so there is no need for cookie consent.


Was this page helpful?