The cookies and browser storage reAPI uses, and what they do.
2026/05/05
Last updated: May 5, 2026
This page lists every cookie and similar browser-storage item we set when you visit reAPI. We do not use cookies for advertising, retargeting, or cross-site tracking.
Required for the site to function. You cannot disable these and continue to use the dashboard.
| Cookie | Purpose | Provider | Lifespan |
|---|---|---|---|
better-auth.session_token | Authenticates your session after sign-in | reAPI (Better Auth) | 7 days |
better-auth.csrf_token | Prevents cross-site request forgery on dashboard actions | reAPI (Better Auth) | Session |
__cf_bm | Cloudflare bot management | Cloudflare | 30 minutes |
Set only when a feature is enabled. You can disable them by not using the corresponding feature.
| Cookie | Purpose | Provider | Lifespan |
|---|---|---|---|
crisp-client/* | In-product chat support widget, when enabled | Crisp | 6 months |
cf_clearance | Cloudflare Turnstile CAPTCHA verification, when enabled | Cloudflare | 30 minutes |
NEXT_LOCALE | Remembers your language preference | reAPI | 1 year |
We persist a few non-sensitive values in your browser's local or session storage:
reapi:playground:<model> — your last playground form values, kept locally so an unauthenticated submit can be replayed after sign-in.These are not sent to our servers and never include API keys or passwords.
We use first-party server logs only. We do not run Google Analytics, Meta Pixel, or any third-party browser analytics that set their own cookies.
Most browsers let you delete cookies, block third-party cookies, or set per-site rules. Disabling the essential cookies above will sign you out and break the dashboard.
We will update this page if we add new cookies. Material additions will be announced by email.
Questions? Reach us at our contact page.