Skip to content
Features Pricing Free Cookie Scanner Consent Mode Checker Script Audit TCF String Decoder Cookie Database GDPR Scanner Compliance Blog
Start Free → Login
Necessary

"__RequestVerificationToken" Cookie

Microsoft ASP.Net · Microsoft Corporation

Description

This cookie is set by ASP.NET and improves the security of the web site. It prevents Cross-Site Request Forgery-attacks and does not contain any user information. It is automatically removed when you turn off your web browser.

Details

Cookie Name
__RequestVerificationToken
Category
Necessary
Service
Microsoft ASP.Net
Vendor
Microsoft Corporation
Popularity
0.5% of scanned websites
Data Source
Cookie is

Consent Requirement

This cookie is classified as necessary and typically does not require consent. It is essential for basic website functionality.

Consent Requirements by Regulation

GDPR & ePrivacy (EU)

Exempt from prior consent under the strictly necessary exemption (ePrivacy Directive Article 5(3)), provided __RequestVerificationToken is genuinely required for the service the visitor requested. It must still be listed in your cookie policy.

UK GDPR & PECR

Exempt from consent under PECR Regulation 6(4) when strictly necessary. Disclosure in your cookie policy is still required.

CCPA/CPRA (California)

No opt-out is required for strictly necessary cookies, but __RequestVerificationToken must be disclosed in your privacy policy.

Managing __RequestVerificationToken with a Consent Banner

A consent management platform lists __RequestVerificationToken in the banner's cookie table under the necessary category. Because it is strictly necessary, it stays active without an opt-in, but disclosing it keeps your cookie policy accurate. Kukie.io's scanner detects it automatically and keeps the disclosure up to date as your site changes.

Frequently Asked Questions

Does the __RequestVerificationToken cookie require consent?
No. __RequestVerificationToken is classified as strictly necessary, so it can be set without prior consent under GDPR and PECR. It must still be listed in your cookie policy.
Who sets the __RequestVerificationToken cookie?
__RequestVerificationToken is set by Microsoft ASP.Net (vendor: Microsoft Corporation). It is categorised as necessary.
How common is the __RequestVerificationToken cookie?
__RequestVerificationToken appears on about 0.5% of the websites scanned by Kukie.io, based on real scan data.
How do I block or delete the __RequestVerificationToken cookie?
Visitors can delete __RequestVerificationToken at any time through their browser's cookie settings. Site owners can keep it blocked until consent with a consent management platform: Kukie.io's auto-blocking holds necessary cookies back until the visitor opts in.

Automatically manage consent for this cookie

Kukie.io handles cookie detection, categorisation, and consent collection - all in one platform.

Get Started Free

Listed On