All Collections
Messenger
JavaScript API
Intercom Messenger Cookies
Intercom Messenger Cookies

How we use cookies in the Messenger

Thibault Candebat avatar
Written by Thibault Candebat
Updated over a week ago

Cookies used by the Intercom messenger are "first-party" cookies assigned to the domain of your website. We take the privacy of your data seriously and these cookies cannot be read by Intercom on other sites, or by other sites using the Intercom messenger. All cookies are unique to your domain.

Here are the cookies used by the Intercom Messenger, their purpose, duration and a brief description:

Cookie name

Purpose

Default Duration

Description

intercom-id-[app_id]

Unique anonymous identifier

9 months

Anonymous visitor identifier cookie. As people visit your site they get this cookie.

intercom-session-[app_id]

Keeping track of sessions

1 week

Identifier for each unique browser session. This session cookie is refreshed on each successful logged-in ping, extending it one week from that moment.

The user can access their conversations and have data communicated on logged-out pages for 1 week, as long as the session isn’t intentionally terminated with Intercom('shutdown');, which usually happens on logout.

intercom-device-id-[app_id]

Unique device identifier

9 months

Identifier for each unique device that interacts with the Messenger. It is refreshed on each successful ping, extending it another 9 months.

We use this cookie to determine the unique devices interacting with the Intercom Messenger to prevent abuse.

For more information on how we use cookies for the Intercom website and our application, see our Cookie Policy.

FAQs

Can unidentified users be tracked across multiple top-level domains (e.g. www.example.com and www.example.co.uk?

No. We use first-party cookies, which are only readable within a single domain, and therefore we cannot create identities that are shared across domains. We do not track users across domains.

Why don’t you have the secure flag set on your cookies?

We cannot assume that customers use HTTPS and as such, we cannot enforce this on our cookies.

If your site only uses HTTPS you can get in touch with our support team and request us to enable the secure flag for your Messenger cookies.

Why don’t you set the HTTPOnly flag for your cookies?

Our cookies need to be accessed by the Intercom Javascript and therefore we cannot enable this flag.

💡Tip

Need more help? Get support from our Community Forum
Find answers and get help from Intercom Support and Community Experts

Related Articles
Install Intercom for visitors and leads
Install Intercom for logged-in users
Integrate Intercom in a single page app
Install Intercom on your Squarespace site
Troubleshooting when the Messenger doesn't appear
Did this answer your question?