Overview
This check validates that the Adobe Experience Platform (AEP) Web SDK identity and cluster cookies are present and correctly set on every page of your website. In a Web SDK implementation, these cookies are prefixed with kndctr_ followed by your Adobe Org ID.
The two critical cookies are:
The Identity Cookie: Stores the Experience Cloud ID (ECID), the unique identifier for the user.
The Cluster Cookie: Stores the specific Edge Network Cluster ID (e.g.,
ord5orirl2) that handled the request, ensuring subsequent hits in the same session are routed to the same data center for low latency and state consistency.
Why it is important
The presence of these cookies is a critical requirement for data continuity and platform reliability:
Unified Customer Profile: Without the identity cookie, every page refresh or navigation event could generate a new ECID. This results in inflated "Unique Visitor" counts and fragmented customer journeys.
Edge Network Affinity: The cluster cookie ensures "session affinity." If this cookie is missing, your requests might jump between different global data centers, which can lead to race conditions or delays in real-time personalization.
Cross-Session Personalization: For Adobe Target or AEP Offer Decisioning to work, the platform must recognize the user from one page to the next. If these cookies are missing, the user is treated as a first-time visitor on every page.
Marketing Attribution: If the identity cookie is lost during a journey (e.g., moving from a landing page to a conversion page), the original marketing source cannot be attributed to the final conversion.
Implementation
We have made implementing this check for AEP Tags simple.
Create an Audit: Set up a scan that crawls your entire website, including transitions between subdomains and secure sections.
Check the Cookies Report: Use the pre-built ObsercePoint report and compare with the full URL list to find pages missing the cookie.
Validate Identity and Cluster: Ensure that both the Identity string (the ECID) and the Cluster string (the routing ID) are present within the cookie values across all audited pages.
ObservePoint identifies these cookies by scanning the browser's first-party storage for the values set by the adobedc.net Edge Network.
Remediation
If the AEP kndctr cookies are missing from specific pages, investigate these common configuration gaps:
Verify Web SDK Extension Settings: In AEP Tags (Launch), ensure the Domain is set correctly in the Web SDK extension (e.g.,
example.com). If it is set too strictly (e.g.,www.example.com), the cookie will not persist when a user moves to a subdomain likeshop.example.com.Check First-Party CNAME: If you are using a CNAME for the Edge Network (e.g.,
metrics.example.com), ensure the DNS records are correctly configured. A broken CNAME will prevent the browser from receiving the cookie instructions from the Edge Network.Consent Management Blocks: If your Consent Management Platform (CMP) is configured to "Strictly Block," it may prevent the Web SDK from initializing and dropping the
kndctrcookies until the user clicks "Accept."ITP/ETP Restrictions: In Safari and Firefox, JavaScript-set cookies are often capped at 7 days or 24 hours. If cookies are disappearing between sessions, consider implementing a server-side cookie refresh or a DNS-level tracking implementation.
Secure & SameSite Flags: Ensure the cookies are being set with the
Secureflag (required for HTTPS) and the appropriateSameSiteattribute to prevent them from being stripped by modern browser security policies.
Conclusion
Identity and routing are the twin pillars of the Adobe Experience Platform. If the kndctr identity and cluster cookies are missing, your data foundation is unstable. By using ObservePoint to ensure these cookies are present on every page, you guarantee that your customer profiles remain unified and your Edge Network interactions remain fast and consistent.