Cookie Statement
This Cookie Statement was updated on 01/21/2025.
This Cookie Statement describes how SAP Ariba (hereinafter also “We”, “Our”) uses cookies
and similar technologies to collect and store information when you visit SAP Ariba Buying and SAP Ariba Sourcing. The Privacy Disclosure for Ariba Cloud Service applies in addition to this Cookie Statement. The Privacy Disclosure informs you about the way SAP Ariba uses, stores, and protects personal data collected. It also informs you of your data protection rights and how to exercise them.
We recommend that you read the Privacy Disclosure for Ariba Cloud Service
What are cookies and similar technologies?
Cookies are small files placed on your device (computer, tablet, or smartphone). When you access a website, a cookie is placed on your device, and it will send information to the party that placed the cookie.
There are other technologies that perform a similar function to cookies. These include inter alia web beacons and clear gifs. These are often used in conjunction with cookies to help a website owner understand its users better.
What are first party cookies?
SAP Ariba’s websites contain first party cookies. First party cookies are cookies that are specific to the website that created them. These cookies enable SAP Ariba to operate an efficient service and to track patterns of user behaviour to SAP Ariba?s website.
What cookies are used?
When tracking and evaluating the usage behaviour of users of the Web Presence by means of cookies or similar technologies includes the processing of your personal data, SAP Ariba is conducting the processing based on the following legal permissions:
-
GDPR Article 6.I (a) if it is necessary that We ask you for your consent to process your personal data,
-
GDPR Article 6.I (b) if necessary to fulfil (pre-)contractual obligations with you,
-
GDPR Article 6.I (f) if necessary to fulfil (pre-)contractual obligations with the company or other legal body you represent as a customer contact (legitimate interest to efficiently perform or manage SAP Ariba?s business operation),
-
or equivalent legal permissions under other relevant national laws, when applicable.
SAP Ariba uses Required Cookies that are absolutely necessary to enable technical core functionalities.
Required Cookies
| Name |
Purpose |
Lifespan |
| aods |
Used for session management in SBN |
Session |
| ariba_passwordadapter |
Ariba password cookie during SSO workflow |
Session |
| ariba_realm |
This cookie is used by application?s SSO workflow. |
Session |
| JSESSIONID |
Facilitates account authentication |
Session |
| AUTH_CROSS_DOMAIN |
To enhance user experience by reducing the need for multiple logins and credentials by maintaining Security and Access control across different domains |
Session |
| AWSSOAI |
Authentication and Authorization; used in application SSO flow |
Session |
| AWSSOSL |
Authentication and Authorization; used in application SSO flow |
Session |
| AWSSSOSSI |
Used for internal SAML session validation |
Session |
| AWSSSOSAUD |
Used for internal SAML session validation |
Session |
| urlPrefix |
Contains the URL prefix which needs to be prepended to the URL from GB UI to GB backend API calls the cobalt cluster. for non-cobalt, this cookie will be created with an empty value |
Session |
| woinst |
Used by SBN to keep track of apps-SBN integration |
Session |
| DefaultTabForprodjp |
for storing the default tab per service |
Session |
| gbsioecv2 |
Determines if Oauth is enabled by a cookie. |
Session |
| at_check |
The value of the cookie validates whether the current user accepts cookies |
Session |
| gbslcv2 |
Authentication and Authorization token ID. |
Session |
| auc_ctxt_tag_list |
Community sensitive context tags management |
Session |
| awscreenstats |
Captures information about user?s screen resolution to improve user performance |
Session |
What web beacons are used and how can you manage them?
When SAP sends you newsletters or other email communication, SAP uses web beacons (a small .gif image) to determine a user's ability to receive e-mail in a HTML format. A web beacon is activated when a HTML e-mail is opened. This capability enables SAP to track the aggregate number of e-mails opened and which individual interacted with the provided content.
The web beacon does not collect any Personal Data. Each browser provides users or their admins with functionality in their respective technical settings that can be used to prevent the automated download of images, pixels, beacons or other tracking technologies. If you wish to prevent your browser from communicating directly with the sender of an email, you can set your browser to do so.