PLAY_SESSION is Fluid Topics session cookie. It is a JWT token managed by Play Framework.
Its behavior can be configured but currently, Fluid Topics uses the default settings.
The content of this cookie can be deobfuscated on JWT.IO website.
For example, the following value
eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImlkIjoiZDAzZTBjMjYtMDJhNS00NDU5LWIwZmUtZjk4MDcwODE4ZjdjIiwidXJsQWZ0ZXJMb2dpbiI6Imh0dHA6Ly9kb2MuYW50aWRvdC5uZXQifSwibmJmIjoxNTM4MDM0NDIwLCJpYXQiOjE1MzgwMzQ0MjB9.V29tBlQxS-Nncm3Dj7rHOvGG2-q_xBcZ2tqhLsKpLVw
contains the following payload
{
"data": {
"id": "d03e0c26-02a5-4459-b0fe-f98070818f7c",
"urlAfterLogin" : "http://doc.antidot.net"
},
"nbf": 1538034420,
"iat": 1538034420
}
The data hold the business information Fluid Topics needs.
Currently only two properties can be found:
- id: the session ID of the anonymous or logged-in user
- urlAfterLogin: the web-application page from where an SSO login was initiated (only visible during an SSO login and removed at the end)