The Microsoft Authentication Library (MSAL) sets a session cookie to store an encryption key used to secure authentication data stored in localStorage during the login process, as confirmed by official documentation. It is not publicly disclosed what specific authentication data is stored in localStorage and secured by this encryption key, nor how long the session cookie remains active or what triggers its expiration or renewal. In a separate context, cookies in the Heroma system are primarily strictly necessary cookies, according to official statements.
However, it remains unclear whether there are any optional or non-necessary cookies used in the Heroma system beyond the strictly necessary ones.