Chat with Us!

Cookies & WebEx Web Conferencing URL API


Third party cookies and the WebEx Web Conferencing URL-based API

Remember that when a host is logged in, either via the WebEx Web Conferencing interface or via the WebEx Web Conferencing API, a session cookie is created and attached to the browser instance. That cookie is used to authenticate the host as they access WebEx Web Conferencing features or API calls are made. If there is a period of more than 30 minutes of inactivity, the cookie dies and the host must log in again. If the host does not log in again, they will receive the Access Denied message.

Because the WebEx Web Conferencing URL API uses a cookie, disabling third party cookies has a negative impact on most, if not all, WebEx Web Conferencing API integrations. When accessing the WebEx Web Conferencing service directly from a WebEx Web Conferencing site, the session cookie is not considered a potential threat -- it's being written directly from the system to the host's computer. However, when the WebEx Web Conferencing service is accessed through an integration an interesting thing happens. Suddenly that helpful little cookie is looked as as a potential malicious threat to the host's computer because it's viewed as coming from a "third party" source. This can cause a number of hard to diagnose problems but is easily fixed without requiring the host to enable all 3rd party cookies by following these steps:

For IE 6+:
  1. Click Tools from the menu bar
  2. Select Internet Options
  3. Click the Privacy tab
  4. Click the Edit button in the Web Site section (at the bottom)
  5. Add webex.com in the Address of field and click the Allow button
  6. Click Ok
For IE 5.5:
  1. Click Tools from the menu bar
  2. Select Internet Options
  3. Click the Security tab
  4. Click Trusted Sites (green circle with white checkmark)
  5. Click the Sites button
  6. Add webex.com in the Add this website to the zone field and click the Allow button
  7. Click Ok


If the Require server verification (https://) for all sites is selected, the full site name including the https:// information must be supplied. NOTE: Many IT organizations will have firewall/proxy configurations that block access for third party cookies, JavaScript, ActiveX and etc. It will be critical to the success of the integration that these groups are made aware of the requirement for WebEx Web Conferencing to be able to return information via client-server communication for a WebEx Web Conferencing URL-based API integration.