Browser Compatibility & Cookies
About Browser Compatibility & Cookies
This page details Qualtrics’ browser compatibility. It also lists all the cookies Qualtrics places on your browser when you are taking a survey; these cookies are generally meant to help keep track of survey sessions so that they aren’t repeated, or to maintain the session.
Browser Compatibility
Qualtrics is committed to providing secure, high quality products that are functional and consistent across the most popular modern web browsers. Qualtrics officially supports all of its web-based products in OEM (Original Equipment Manufacturer) supported versions of the following browsers:
- Apple Safari
- Google Chrome
- Microsoft Edge (Chromium Version)
- Mozilla Firefox
Versions of these browsers no longer supported by their maker may not function as intended and may expose the user to inherent security vulnerabilities. Qualtrics recommends that users always use the most up-to-date version of their browser.
Storing Multiple Sessions on the Same Browser
This cookie is placed when you start a survey session on the same browser where you are working on another one.
Cookie name: Hash of the sessionID and query parameters that maps to a sessionID
Expires: Up to 1 year or when the session is complete
Starting a Survey Session with Allow Respondents to Continue Later Enabled
Appears when you start a session with “Allow respondents to finish later” enabled.
Cookie name: A hash of the url that may be appended with ‘-singleReload’
Cookie value: FS_12345678~jfe2
Expires: 5 minutes
Submitting Survey Sessions
This cookies enforces the “Prevent multiple submissions” setting in survey options. It only appears once a survey session has been submitted.
Cookie name: QST
Cookie value: The Survey ID (e.g., SV_12345678)
Expires: 6 months
Behavior of QST and session cookies: 2+ Page Survey
Whenever a survey is taken, a session cookie is dropped, with the expiration date matching with whatever is set for the incomplete survey responses setting in survey options. So, for example, if my Incomplete survey responses setting is set to 1 week, the survey will drop a session cookie that expires one week from when I clicked the survey link. This cookie allows Qualtrics to keep track of when an incomplete survey should be recorded as a response.
If the survey remains incomplete, this cookie will stay here until it expires. However, if the survey is submitted, it will transform into the QST (Qualtrics Survey Tracker) cookie. For 2+ page survey, the QST cookie expiration date will default to 6 months after the date the survey was started.
Behavior of QST cookie: 1 Page Survey
The QST cookie behaves slightly differently for a one page survey. Because there is only one page of the survey, the survey does not get a chance to drop a session cookie because the survey is submitted. A consequence of this is that the QST cookie that is dropped after submission has a different expiration date than for 2+ page surveys. Rather than defaulting to 6 months after the survey was started, the expiration of the QST cookie matches the setting for incomplete survey responses in survey options.
Security
This is a temporary cookie used for security while survey taking. It is only stored as long as the browser is open.
Cookie name: XRSF-TOKEN
Cookie type: Session
Secure File Access
Allows a user to access a previously uploaded file when resuming a session.
Cookie name: ‘SFA’
Cookie value: SessionID
Expires: 6 months
Auth Session Cookie
Keeps track of a user’s logged in status after passing an authenticator with the “Require respondents to authenticate again if they resume their session later” authenticator setting enabled.
Cookie name: ‘reauth-<hash of session ID and authenticator flow ID>’
Cookie value: <signed-login-token>
Expires: 1 hour
PreviewDC Cookie
Used to keep track of state while interacting with a preview link.
Cookie name: ‘previewDC’
Cookie value: <internal Qualtrics ID>
Bot Manager Cookies
The cookies in this section are used to help distinguish between real website traffic from bot traffic. These cookies come from the Akamai’s Bot Manager solution being used inside the Qualtrics platform.
ak_bmsc
This cookie is related to our bot detection and prevention mechanism provided by our web application firewall provider. This cookie is used to track the progress of the session going through the standard detection workflow. When present, it is also used as the identifier instead of the IP address for bot rate control rules.
Cookie name: ak_bmsc
Expires: 2 hours
Size: approximately 300 bytes
HttpOnly set by default: true
Secure flag enabled by default: false
SameSite set by default: false
Website / App Insights Browser Cookies
Website / App Insights stores certain data inside cookies. This includes the Site History cookie, Prevent Repeated Display cookie, a cookie that tells us that we have a Pop Under, a cookie that stores history data if localStorage is disabled, and a cookie that tracks user events.
For a full description of all relevant cookies, see this support page.