Cookiesentry

Cookie checkerFeaturesPricingBlogContact
Home/Cookies Guide/tt_csrf_token
Back to all cookies
Social MediaConsent required

tt_csrf_token

CSRF protection token issued by TikTok. Although strictly necessary for TikTok-side interactions, on a third-party site it appears only when a TikTok video embed loads — making it part of the social-plugin tracking stack.

Provider
TikTokSee all TikTok cookies →
Expiry

Session

Set by

TikTok Information Technologies UK Ltd.

Category
Social MediaSee all social media cookies →

GDPR & ePrivacy guidance

tt_csrf_token is a social media cookie. Under Art. 5(3) ePrivacy Directive and the GDPR, it must not be set before the visitor has given prior, informed, freely-given consent.

If your scanner finds tt_csrf_token on a page before the visitor interacts with your consent banner, that's a violation — the cookie loaded without a legal basis.

Fix: gate the script that sets this cookie behind your CMP, so it only fires after the relevant consent category is accepted.

Related cookies

datrSocial Media

Meta

sbSocial Media

Meta

c_userSocial Media

Meta

xsSocial Media

Meta

Is tt_csrf_token on your site?

Run a free CookieSentry scan to find every cookie set before consent — including tt_csrf_token — and get a downloadable evidence PDF.

Run a free scan →
Cookiesentry
About usFAQContactBlogCookies GuidePrivacyTermsEU Hosting

No cookies. No tracking. Analytics by EU-hosted Umami.

© 2025 CookieSentry. All rights reserved. Made with care for your privacy.