Hi community I m still confused about the two cookies after

Question

Hi community I m still confused about the two cookies after reading <https github com ory hydra discussions 2410> could you please suggest where I could find the documentation about the usages of the cookies `oauth2 authentication csrf` and `oauth2 consent csrf`

loud-grass-72494 · Answer

coz we have a plan B to put an app between the user agent and hydra not let hydra to talk to our users browsers directly I think it would be important to gather this info

loud-grass-72494 · Answer

I saw gt ORY Hydra keeps track of user sessions It does so by issuing a cookie which contains the user ID On subsequent OAuth2 OpenID Connect flows the session will be checked and the Login Endpoint will be instructed to for example show the Login HTML Form or skip the Login HTML Form which I believe is the usage of `oauth2 authentication csrf`