Recent Content
Comprehensive Outage Information
What is a Severity 1 incident? A Severity 1 incident is a situation where the application is essentially rendered useless and prevents all, or the majority, of users from accessing or using the application for its primary purpose. Community - Severity 1 Definition At least 50% of users are experiencing one or more of the following problems: Cannot access the production community Cannot post anywhere on the production community Cannot log in to the production community Extreme slowness (several seconds or minutes) to load nearly any page on the production community A major security risk or vulnerability Note: Any of the same issues happening only on the stage community would not classify as a Severity 1 incident. In these situations, a normal Support ticket should be filed via the case portal. Khoros Care - Severity 1 Definition No one can access or log in to Khoros Care Data is not coming in to Khoros Care for any one of the standard social integrations, i.e. Facebook, Twitter, Khoros Community, or Google+ No agent is able to send responses out to any one of the standard social integrations, i.e. Facebook, Twitter, Khoros Community, or Google+ Extreme slowness (several seconds or minutes) to load or respond to nearly all conversations A major security risk or vulnerability Khoros Marketing - Severity 1 Definition No one can access or log in to Khoros Marketing Data is not coming in to Khoros Marketing for any one of the standard social integrations, i.e. Facebook, Twitter. No account is able to send responses out to any one of the standard social integrations, i.e. Facebook, Twitter. Extreme slowness (several seconds or minutes) to load or respond to nearly all conversations A major security risk or vulnerability Who do I contact if there's a Severity 1 incident? Email: [email protected] What information should I provide? When reporting and outage, to expedite turnaround time please provide the following: Brief description and steps to replicate the issue Sample URL to where the issue can be seen (the home page is fine if no specific URL) What is your Service Level Agreement (SLA) on Severity 1 incidents? Support on severity 1 incidents is available 24 hours a day, 7 days a week, including published holidays. We guarantee a 15 minute initial response for Standard and Premium Support. The most up-to-date SLA information can always be found at https://khoros.com/service-level-agreement Do you have a server status page to check for real-time updates? Yes. It is located at http://status.khoros.com/ and you can subscribe to it via email or SMS (limitations apply to SMS updates). Note: Khoros monitors all of its critical services both internally and through third-party services. This page reports on known infrastructure wide incidents affecting Khoros platforms. If you're experiencing an availability or a performance issue that isn't shown on that page, please report it to [email protected] My contract says .... Your contact overrules the statements in this document. This outlines our standard expectations and commitments, however customers with increased or grandfathered support offerings may have different contractual agreements.24KViews10likes4CommentsKhoros Cookies Datasheet (Community, Care, Marketing, Khoros Bot).
Cookies are small data files stored in web browsers to track usage and enable useful services and features when using Khoros Services or interacting with Khoros. This document provides information on the standard cookies used by Khoros Services and Khoros generally and how to reject or delete those cookies should users choose to do so. Understand that restricting cookies can have an adverse impact on the functionality and the online user experience when interacting with Khoros and Khoros Services. We classify the cookies typically used by Khoros and Khoros Services into the four broad categories described below. Type Classification Description Example 1 Strictly necessary These cookies are necessary for the proper functioning of the community, such as tracking a user session, or accessing secure areas. Session cookie used to pin a logged-in session to a browser 2 Performance The information these cookies collect is anonymous and is used to collect aggregate data including information about the pages users visit. Cookies delivered by Omniture WebAnalytics and Google Analytics for purposes of aggregate reporting 3 Functional These cookies allow websites to remember preferences and settings, such as your username, language, region, font size, and so on. Cookie used to hold a user’s username as part of a “remember me” feature 4 Tracking, targeting and sharing These cookies remember that you've visited a website, a particular web page, and/or track your activities on the site. This information is sometimes shared with third party advertisers for serving targeted online advertising or other personalized content. Cookies used to track visitor activity on an individual basis can be used by Khoros or its third party business partners to serve personalized content, and/or later aggregated and used to analyze website traffic and trends. How to control cookies Some cookies are necessary for the proper operation of Khoros Services and disabling or removing them may have an adverse impact on the proper functioning and user experience. However, users may choose to view, block, or remove cookies set by Khoros Services through their web browser settings (or any website cookies for that matter). Consult the help feature for your specific browser to find how. Here are some useful links for your convenience. Microsoft Internet Explorer Privacy Settings and Information Google Chrome Privacy Settings and Information Mozilla Firefox Privacy Settings and Information Apple Safari Privacy Settings and Information Also, you may choose to consult an external and independent third party website such as AboutCookies.org or www.youronlinechoices.eu/ if you are in the European Union which provides comprehensive information on a variety of browsers and how to control or change their respective privacy settings. Cookies used by Khoros The following standard cookies are used by: Khoros Community Community Analytics Khoros Care Khoros Marketing Khoros Bot Atlas Turning off or removing these cookies may have an adverse impact on the proper functioning and user experience when interacting with Khoros and/or using Khoros Services. Khoros Community Cookies Cookie Name Type Description and Purpose Expiration Time/Type If removed, disabled, or not accepted AWSALB 1 AWS sticky session cookie required for load balancer routing. See this document for further information. Request (persists for 7 days) Sticky session won't work and some functionality will break. AWSALBCORS 1 For continued stickiness support with CORS use cases after the Chromium update, we are creating additional stickiness cookies for each of these duration-based stickiness features named AWSALBCORS (ALB). See https://docs.aws.amazon.com/ elasticloadbalancing/latest/ application/sticky-sessions. html for further information. Request (persists for 7 days) _ga 2 Distinguishes users using a unique ID. It is used by Google Analytics to calculate visitor, session, and campaign data. By default, the configuration setting that sets this cookie is disabled. File a Support ticket to request enablement. 2 years (persistent) Visitor and session data will not be tracked and will not be available to Google Analytics !lithiumSSO:{client_id} 1 Used for passing authentication information to Khoros This cookie is a cancel cookie. Khoros sets this cookie so that we don't re-read the original lithiumSSO cookie set with SSO. session SSO will not be functional for the user LiSESSIONID 1 Session management session User cannot log in, and is treated as an anonymous user lia.anon.{setting or config name} 3 Stores community-wide configurations and settings for anonymous users 1 year (persistent) Community behavior will follow defaults and any UI convenience changes made by the user will be ignored. liSdkOptions:{communityId} 3 Dropped when a Studio user navigates to Studio > Advanced > SDK and clicks Submit after checking the View as anonymous checkbox. The cookie allows developers to sign out of the community but still have it find the URL to use for rendering a skin that is hosted via the Community Plugin SDK. This cookie is used only on stage sites. 1 month or when the View as anonymous checkbox is unselected The community will serve the URL for the skin set on the stage site instead of the URL to the locally hosted skin (so local SASS development will not work when the user is signed out) lithium.anonymous. usersetting.{setting name} 3 Remembers user preferences 1 year (persistent) The community will not remember the user’s setting preferences lithium.anonymous. usersetting.profile. language 3 Remembers language preferences 1 year (persistent) The community will not remember the user’s language preferences. The language will default to the native language defined for the community. lithiumLogin:{community id} 3 Keeps users logged in when they make a request after their session has expired. It is triggered when a user checks Save login name and password. The cookie is encrypted and includes a unique user secure ID in the database. 30 days (persistent) The "auto login" and "remember me" features will not work LithiumNotifications 3 Temporarily stores Realtime Notification messages (Toast messages) session Realtime notification toasts may not appear (pop-up) after a page transition. LithiumUserInfo 1 Session management session The user will not be able to view secure pages and will be redirected to the login page LithiumUserSecure 1 Secure Session management session The user will not be able to view secure pages and will be redirected to the login page. LithiumVisitor 1 Replaces VISITOR_BEACON. Khoros currently uses both for backward compatibility. This cookie computes billing visits, registered billing visits, visits, registered visits, and unique visitors metrics. The cookie is encrypted and stores when it was first issued, when it was last seen by Khoros, an unique visitor ID (which is unique per visitor’s browser). Configurable (Default = 6 Months) Note: To change the default value, contact Khoros Support. Visits and unique visitors metrics will not be accurate. There will be a new billable visit on each new request. Customers on billing visits model will be affected. P{poll_id}U{user_id}R{reset_count} 3 Tracks when a user has voted in a poll and tracks the answer value. The cookie is used to prevent a user from voting multiple times in a single poll. The cookie is only placed if Use cookies to prevent multiple votes is enabled in Community Admin. 14 days If the user is an anonymous user, the user will be able to vote multiple times when the cookie is cleared. If the user is logged in, votes, and then clears the cookie, they are not allowed to revote. PushyAuthToken 1 Authenticates the user for a session with Realtime Notifications service (Pushy) Manually cleared when the user logs out or when their session expires due to inactivity WebSocket connections to the Realtime Notification service will fail with a 403 Forbidden error and the user will not see realtime notifications. VISITOR_BEACON 1 Computes billing visits, registered billing visits, visits, registered visits, and unique visitors metrics. The cookie is encrypted and stores, when it was first issued, when it was last seen by Khoros, the user ID, and its own unique ID. Configurable (Default = 6 Months) Note: To change the default value, contact Khoros Support. Visits and unique visitors metrics will not be accurate. There will be a new billable visit on each new request. Customers on billing visits model will be affected. VISITORID 1 Distinguishes between human and bot traffic 3 years (session) Defeats the bot detection mechanism. (May see increased spam on the community.) ValueSurveyParticipation 3 Stores a timestamp storing the creation time of this cookie, which is used in value survey trigger logic. Default is 90 days. Configurable in Community Admin The user will get multiple prompts to take a survey ValueSurveyVisitorCount 3 Stores the survey visit count of the user, which is used in logic that determines when a survey is triggered. This cookie is used in conjunction with the ValueSurveyParticipation cookie. When the ValueSurveyParticiation is set, the count for ValueSurveyVisitorCount cookie is reset to 0. Expires when the ValueSurveyParticipation cookie is either set or expires The user will not be prompted to take a survey until the count defined in the Delay before prompting user with survey field in Community Admin > Features > Value Surveys > Settings is met. ValueSurveyCompletion (Aurora) 3 Stores whether the user has completed or declined the survey. This cookie is used to determine that the survey is not served to the user again until the cookie expires. Configurable (default = 30 days if declined or abandoned and 90 days if completed) This cookie is not dropped if the user has rejected or turned off third-party cookies. If this cookie is cleared, the user may be prompted with an additional survey depending on their configured settings. ValueSurveyVisits (Aurora) 3 Stores the survey visit count of the user, which is used in logic that determines when a survey is triggered. This cookie is used in conjunction with the ValueSurveyParticipation cookie. When the ValueSurveyParticipation is set, the count for ValueSurveyVisits cookie is reset to 0. Expires when the ValueSurveyParticipation cookie is either set or expires The user will not be prompted to take a survey until the count defined in the Present survey after this many visits field in Community Admin > Content Features > Community Experience Survey > Survey Behaviors is met. LithiumCookiesAccepted (for Cookie Banner v1) 1 Stores the information of whether the user has given explicit consent by clicking "Accept" on the cookie banner to store Type 2, Type 3 & Type 4 cookies. For Cookie Banner v1, this cookie stores: -'1' if the user has explicitly clicked "Accept" in the cookie banner. -'2' if user clicked "Reject". Configurable (Default = 6 months). This cookie is not session specific (persistent) and will be maintained across sessions. This cookie is not dropped if OOTB cookie banner is disabled. If the banner is enabled and this cookie is explicitly removed from the browser, the cookie banner will appear again and Type 2, Type 3 & Type 4 cookies will not be stored unless the user clicks “Accept” again. LithiumNecessaryCookiesAccepted (for Cookie Banner v2 and Aurora) 1 Stores the information of whether the user has given explicit consent by clicking "Accept", "Reject" or "Confirmed" their choices from options under "Preferences" on the cookie banner to store Type 1 cookies. For Cookie Banner v2 this cookie stores: -'0' when the OOTB cookie banner for the site is enabled and user has not explicitly clicked "Accept" or "Reject" or "Confirmed" their choices from "Preferences". - For Classic: '0' when the OOTB cookie banner for the site is enabled and user clicked "Reject". - For Aurora: "1" when the OOTB cookie banner for the site is enabled and user clicked "Reject". -'1' if the user has explicitly clicked "Accept" or "Confirmed" their choices from "Preferences". Irrespective of the value, Type 1 cookies are always stored in the browser. Configurable (Default = 6 months). This cookie is not session specific (persistent) and will be maintained across sessions. This cookie is not dropped if OOTB cookie banner is disabled. If the banner is enabled, removing or deleting this cookie from the browser will not impact any Type 1 cookies that are stored in the browser. LithiumFunctionalCookiesAccepted (for Cookie Banner v2) 1 Stores the information of whether the user has given explicit consent by clicking "Accept", "Reject" or "Confirmed" their choices from options under "Preferences" on the cookie banner to store Type 3 cookies. For Cookie Banner v2 this cookie stores: -'0' when the OOTB cookie banner for the site is enabled and user has not explicitly clicked "Accept" or "Reject" or "Confirmed" their choices from "Preferences". -'1' if the user has explicitly clicked "Accept" in the cookie banner or "Confirmed" their choices from "Preferences". -'2' if user clicked "Reject". Configurable (Default = 6 months). This cookie is not session specific (persistent) and will be maintained across sessions. This cookie is not dropped if OOTB cookie banner is disabled. If the banner is enabled and this cookie is removed from the browser, then new Type 3 cookies will not be stored in the browser. LithiumTargetingCookiesAccepted (for Cookie Banner v2) 1 Stores the information of whether the user has given explicit consent by clicking "Accept", "Reject" or "Confirmed" their choices from options under "Preferences" on the cookie banner to store Type 4 cookies. For Cookie Banner v2 this cookie stores: -'0' when the OOTB cookie banner for the site is enabled and user has not explicitly clicked "Accept" or "Reject" or "Confirmed" their choices from "Preferences". -'1' if the user has explicitly clicked "Accept" in the cookie banner or "Confirmed" their choices from "Preferences". -'2' if user clicked "Reject". Configurable (Default = 6 months). This cookie is not session specific (persistent) and will be maintained across sessions. This cookie is not dropped if OOTB cookie banner is disabled. If the banner is enabled and this cookie is removed from the browser, then new Type 4 cookies will not be stored in the browser. LithiumPerformanceCookiesAccepted (for Cookie Banner v2) 1 Stores the information of whether the user has given explicit consent by clicking "Accept", "Reject" or "Confirmed" their choices from options under "Preferences" on the cookie banner to store Type 2 cookies. For Cookie Banner v2 this cookie stores: -'0' when the OOTB cookie banner for the site is enabled and user has not explicitly clicked "Accept" or "Reject" or "Confirmed" their choices from "Preferences". -'1' if the user has explicitly clicked "Accept" in the cookie banner or "Confirmed" their choices from "Preferences". -'2' if user clicked "Reject". Configurable (Default = 6 months). This cookie is not session specific (persistent) and will be maintained across sessions. This cookie is not dropped if OOTB cookie banner is disabled. If the banner is enabled and this cookie is removed from the browser, then new Type 2 cookies will not be stored in the browser. _pendo_meta.* 4 Cookie is used by Communities to show in-app feature guides in the "Community Admin" section Persistent None _pendo_accountId.* 4 Cookie is used by Communities to show in-app feature guides in the "Community Admin" section Persistent None _pendo_visitorId.* 4 Cookie is used by Communities to show in-app feature guides in the "Community Admin" section Persistent None mPulse 2 mPulse enables real-time performance monitoring and analysis of the community and helps improve over... 7 days The mPulse tools and dashboards from within Akamai will no longer contain the relevant real user measurement data. kh-local-storage (for Aurora only) 3 Introduced in Aurora 23.5/23.6 when it was discovered that Android apps need to have local storage enabled to embed a community via WebView. If local storage is not enabled, the app falls back to using this cookie for local storage instead. Session Mobile Android apps that embed a community using WebView and do not have local storage enabled will fail to render pages. LithiumImpersonatedUser (for Aurora only) 3 Keeps reference of the user being impersonated when the Switch Member feature is enabled. 30 minutes Switch Member feature would not work as cookie is used to identify the impersonated user. kh-sso 1 When the bounce URL is set in the SSO properties, the user is redirected to said URL if it’s not authenticated. In order to avoid a redirection loop, this cookie is set to mark that the user has already been redirected once. Session If the bounce URL is set in the SSO properties, the user may enter a redirection loop and be unable to access the community. LithiumUserExternalVideoConsent 1 Remembers users' preferences to consent to cookies originating from external video providers 180 days / 6 months Users are asked to consent to cookies originating from external video providers LithiumLocalePreferences (For Classic and Aurora communities) 3 Used to keep track of the user’s preferred language 24 hours Increase in number of calls to verify user language preference. Language preference order may be altered or may default to browser selected preference. For Aurora - If this cookie is not present, a query will be executed to retrieve the language. If the user does not have a value in their preferences, we will use the browser's `Accept-Language` header. LithiumToggleTextKeys 3 Used to enable toggle text key functionality in end-user app. 24 hours Toggle text keys functionality would not show on end-user app and therefore could not be used. LithiumLocalizedCategoryLocalePreference (Aurora only) 3 Used to keep track of the users selected language in the language selector when Localized Community is enabled in Aurora. 24 hours Users selected language from the language selector will not persist. Language preference will shift back to the language retrieved from the users browser `Accept-Language` header. csrf-aurora 1 Cross-site request protection Session Users cannot use the product LithiumTimezonePreferences 3 Stores timezone information used to render dates/times within the community interface. Prior to authentication, the cookie defaults to the community‑configured timezone. Upon user authentication, the cookie is updated with the user’s preferred timezone (derived from profile settings during login), enabling accurate local‑time display of timestamps, event schedules, and other time‑based community content. 24 hours Increase in number of calls to verify user timezone preference. Timezone preference may be altered or may default to community default timezone (typically US/Pacific). Timestamps displayed on mouseover may show incorrect timezone until page refresh or cookie is re-synced. Community Analytics Cookies Cookie Name Type Description and Purpose Expiration Time/Type If removed, disabled, or not accepted SIP|ws 3 Tracks the workspace to redirect to after a session timeout 1 day All Khoros Community cookies also apply to Community Analytics Khoros Care cookies Cookie Name Type Description and Purpose Expiration Time/Type If removed, disabled, or not accepted X-TOKEN-ID 1 Protects against cross-site scripting Session This is a security token. It is critical for the application to run PLAY_SESSION 1 This is the main session cookie Session This is the main session cookie. It is critical for the application to run __sdx_page 3 Stores the user’s current application tab 14 days When a user reloads the page, the user is redirected to the default tab instead of to the last tab used in the application PLAY_LANG 3 Retrieves the user’s language 14 days This is used only when LSW cannot detect the browser language and a user has no language set Khoros Care Analytics Cookies Cookie Name Type Description and Purpose Expiration Time/Type If removed, disabled, or not accepted XSessionID 1 This is the main session cookie 24 hours This is the main session cookie. It is critical for the application to run JSESSIONID 3 This is an auto-generated JSP cookie Session The application does not rely on this cookie but uses the cookie occasionally to auto-generate UUIDs Care Publisher Cookies Cookie Name Type Description and Purpose Expiration Time/Type If removed, disabled, or not accepted TOCOMA-CID 1 The user’s main session cookie Expires when the browser session ends The application will not run Khoros Marketing Cookies In addition to the _ga cookie used by Khoros Communities (see the “Khoros Communities cookies” chart above), Khoros Marketing also uses the following cookies: Note: Khoros Experiences customers can set additional cookies on websites where they publish visualizations created by the Khoros product, in addition to the standard cookies disclosed below. These cookies are set by social networks when a user signed in to the social network visits the website. Description and Purpose Cookie Name Type Expiration Time/Type Consequence if removed, disabled, or not accepted sf-ui.login.spredfast.com 3 - Functional Expanded user auth info Persistent None sfauth-login.spredfast.com 1 - Strictly necessary User Auth Info 12 hours Users cannot use the products sfjwt-login.spredfast.com 1 - Strictly necessary User Auth Info 12 hours Users cannot use the products sfcsrf-login.spredfast.com 1 - Strictly necessary Cross-site request protection 12 hours Users cannot use the products sfsig-login.spredfast.com 1 - Strictly necessary User Auth Info signature 12 hours Users cannot use the products _ga 2- Functional Google Analytics - Used to distinguish users. 2 years None _gid 2- Functional Google Analytics - Used to distinguish users. 24 hours None _gat 2- Functional Google Analytics - Used to throttle request rate. If Google Analytics is deployed via Google Tag Manager, this cookie will be named _dc_gtm_<property-id>. 1 minute None _pendo_accountId.* 4 - Tracking, targeting and sharing Cookie is used by marketing software for user analytics Persistent None _pendo_meta.* 4 - Tracking, targeting and sharing Cookie is used by marketing software for user analytics Persistent None _pendo_visitorId.* 4 - Tracking, targeting and sharing Cookie is used by marketing software for user analytics Persistent None PHPSESSID 1 - Strictly necessary Only contain a reference to a session stored on the web server. No information is stored in the user's browser and this cookie can only be used by the current web site. Session Users cannot use the product csrf_token 1 - Strictly necessary Cross-site request protection Session Users cannot use the product campaignTab 3 - Functional Used to track and restore last tab in Initiative Settings Session None _tweetriver_session 1 - Strictly necessary Only contain a reference to a session stored on the web server. No information is stored in the user's browser and this cookie can only be used by the current web site. 24 hours Users cannot use the product _tweetriver_session 1 - Strictly necessary Only contain a reference to a session stored on the web server. No information is stored in the user's browser and this cookie can only be used by the current web site. 24 hours Users cannot use the product mr_inst_token 3 - Functional Allows users to like an Instagram status from Vizzes Session Users cannot like an Instagram status from Vizzes mr_pauth_t 1 - Strictly necessary Redirects the user after photo share Session User will not be redirected after sharing a photo poll-user-id 3 - Functional Tracks a random user id for submitting to a poll (so repeat votes can be tracked). Session Duplicate poll votes cannot be tracked. redirectToOldModeration 3 - Functional Redirects the user to old stream moderation tool Session May be deprecated or non-functioning at this time Customer and Third-Party Cookies on Khoros Communities Khoros customers may set additional cookies on Khoros Community in addition to the standard cookies disclosed above. These cookies are set and controlled by Khoros customers and their affiliates for various purposes such as website usage tracking (very common practice) and targeting for surveys or advertising in some cases. Khoros does not control the dissemination of such cookies. If you need more information on which additional cookies are set on the Community you are visiting, visit the community’s privacy section. You may also wish to review the How to control cookies section to view, remove, or block certain cookies. Note that disabling or removing cookies may have an adverse impact on the proper functioning of the community, and certain features may become disabled or unavailable. Cookies Set by Third-Party and External Sites Communities may contain embedded images, videos, and links to external and third-party websites. Khoros customers may also include syndicated content on their communities such as banner ads and similar embedded objects from their affiliates and partners. As a result, when you click on such an object you may be presented with cookies from the owner of that respective website where the content is hosted. Khoros does not control the dissemination of such cookies. Contact the relevant third party website for their privacy policy and cookie information. Note that disabling or removing cookies may have an adverse impact on the proper functioning of the community, and certain features may become disabled or unavailable. Khoros Bot Cookies Khoros recently acquired Flow.ai which provides Intent Detection and Suggested Responses in Enterprise Architecture and uses the following cookies in the provided cookie bar when accepted by the website visitor: Cookie Name Location Description Type Cloudfire Dashboard The cookie is used by CloudFare to identify individual clients behind a shared IP address and apply security settings on a per-client basis. It does not correspond to any user ID in the web application and does not store any personally identifiable information. Strictly necessary Google Analytics Dashboard The cookie is used by Google analytics to calculate visitor, session, campaign data, user interaction with the website and keep track of site usage for the site''s analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors. Performance Stripe Dashboard This cookie is used to enable payment on the website without storing any payment information on a server. Strictly necessary Atlas Cookies In addition to the AWSALBCO, AWSALB, _ga, LiSESSIONID, LithiumVisitor and VISITOR_BEACON cookies used by Khoros Communities (see the “Khoros Communities cookies” chart above) Khoros Atlas Community also uses the following cookies: Cookie Name Type Description and Purpose Expiration Time/Type __cfduid Necessary The cookie is used by cdn services like CloudFare to identify individual clients behind a shared IP address and apply security settings on a per-client basis. It does not correspond to any user ID in the web application and does not store any personally identifiable information. 1 month _hjFirstSeen Analytics This is set by Hotjar to identify a new user’s first session. It stores a true/false value, indicating whether this was the first time Hotjar saw this user. It is used by Recording filters to identify new user sessions. 30 minutes _gat_UA-134360776-2 Other No description 1 minute _gat_UA-134360776-3 Other No description 1 minute _hjTLDTest Other No description session _hjid Other This cookie is set by Hotjar. This cookie is set when the customer first lands on a page with the Hotjar script. It is used to persist the random user ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID. 1 year Munchkin Javascript Tracking API 4 Tracking of end-user page visits. Tracking of clicks to specific landing pages and external web pages. 720 days, and we're currently supporting Do Not Track functionality Contact Khoros For Privacy related requests email privacy [at] khoros [dot] com. Use a secure communication method such as PGP or SMIME for sharing sensitive information. Find Khoros' Privacy Policy. For Security related requests email [email protected]. Use a secure communication method such as PGP or SMIME for sharing sensitive information. For sales related and general inquiries, contact your designated Account Manager or visit our website.313KViews8likes21CommentsKhoros Customer Data Retention and Destruction
Data Retention Customer data is generally retained for the duration of the customer’s contract with Khoros. Exceptions to this include: Khoros Marketing: Data imported from various social media platforms is retained for a rolling twenty four (24) months before it is automatically purged. Khoros Care: Data imported from various social media platforms is stored for the life of the agreement but can be viewed directly in the platform only for 24 months. Data can be exported from the Service via API for a period of 18 months. Khoros Community: Data processed within Khoros Community will be retained for the life of the agreement. While being retained, all customer data is retrievable and maintained per applicable legal, contractual and regulatory requirements. Customer data is available for 30 days from the date of termination or expiration of the agreement ("Data Retrieval Window"). Once the agreement ends, the data will be returned to the customer upon written request. If data is not requested by the customer, the customer agrees that Khoros has no further obligation to retain the data. Notes: (a) data on backup systems is maintained for 90 days and then deleted; (b) log files are maintained for up to twelve months and then deleted. During and after the life of the agreement, Khoros can use aggregated and anonymized data for metrics and reporting purpose. This data does not include any personal information. Data Backup and Restoration Backups are taken every day and are encrypted using AES 256-bit information. Backups are overwritten every 90 days. Access to the backups is restricted to authorized individuals. We conduct backup restoration testing annually. Data Retrieval At the expiration or termination of the agreement, if the customer wishes to have a copy of its data, the customer must send a written request via the support portal at https://supportportal.khoros.com/ within the Data Retrieval Period noted in the Data Retention section above. We security provide the extract for: Khoros Community content, one time and at no charge, in a machine-readable format. For all other Khoros Services, customers may download the content in a comma separated value (.csv) format. Khoros can provide additional assistance for data extractions at Khoros’s standard Professional Services rates. The availability of content for extraction or downloading from certain services will be limited as described above within the Data Retention section. Data Destruction The data is made available for 30 days from the agreement expiration or termination date. Unless otherwise required by applicable law, customer data is deleted after the Data Retrieval Window in accordance with the above 'Data Retention' section. The active databases are dropped from the production servers and data is permanently deleted according to NIST SP 800-88 guidelines.20KViews1like12CommentsKhoros Community Classic/Aurora Certificates
Overview Khoros manages SSL/TLS certificates for all hosted community sites. We have recently moved to a fully automated renewal process. This document explains how it works. Automated Renewals Khoros automatically renews SSL certificates before they expire. No action is required from your team for routine renewals, and you will not be contacted as part of the standard process. Certificate management in Khoros Communities was previously a manual process, carrying an inherent risk of delays and late renewals. As part of our ongoing commitment to improving the reliability and quality of the service, we have rebuilt this process from the ground up using modern, automated approaches. Certificates are now renewed consistently and on schedule, eliminating the operational risk that came with manual handling. This also positions us well for the future. The industry is moving to significantly shorter certificate validity periods — the CA/Browser Forum has a published schedule reducing certificate validity from 13 months today down to 47 days by 2029. Automation is the only viable way to manage certificates at that cadence, and we are already there. For more background on why the industry is moving this direction, see: Automated Certificate Management Is No Longer a Nice-to-Have — It's Essential How We Validate Your Domain Khoros issues certificates using HTTP domain validation. To prove we legitimately manage the subdomain hosting your community (e.g. community.example.com), we serve specific content from a URL on your community site. This is verified by the Certificate Authority, and the certificate is issued. This means: No DNS changes are required from your team No CSR handover or manual certificate issuance is needed Validation is scoped to the specific subdomain we host — we cannot access to your root domain Certificate Authority We currently support a range of ACME-compatible Certificate Authorities, including: Amazon Trust Services DigiCert Google Trust Services Let's Encrypt With Amazon Trust Services being used by default. If your domain has CAA records restricting which Certificate Authorities may issue certificates, Khoros respects these and will issue via a permitted CA. If your security policy requires a specific Certificate Authority, please contact your account manager. We can support any Certificate Authority that implements ACME (Automatic Certificate Management Environment) — the industry-standard protocol for automated certificate issuance. Extended Validation (EV) Certificates If your site uses an EV certificate, this is handled outside our standard process. Please contact our support team if you have an upcoming EV certificate renewal. SAML Certificates SAML certificates are used to secure Single Sign-On (SSO) authentication between your identity provider and your Khoros community. These are separate from the SSL/TLS certificates described above and are not yet covered by our automated renewal process. SAML certificate renewals are currently handled manually. We are planning to improve this in the future. If you have a SAML certificate approaching expiry, please contact our support team.288Views0likes0CommentsSupport Notifications
Khoros Support tracks a notification list to always keep you and your team up to date on news about our product as well as specifics for your particular environment. These notification lists are used for: Khoros Communities and/or Care upgrade notifications Maintenance that falls outside of the standard maintenance windows Miscellaneous product updates For notifications of any system-wide availability updates, potential issues with critical third party services (such as Facebook) that we learn about, or any other mass outage of our platform, please subscribe directly to status.khoros.com via email or SMS. If you purchased the Gold or Platinum support package and have access to the Case Portal. Please contact Support any time to update either notification list and ensure members of your team/organization are notified of important updates!What companies are subprocessors to Khoros?
Data Location & Subprocessor Guide Khoros uses subprocessors in its applications to help it perform certain Services. Suprocessors are third-party entities with whom Khoros contracts to perform these Services and who may process customers’ personal data. Khoros contractually requires its subprocessors to comply with security and data privacy standards that are at least as protective as those that Khoros commits to its customers. For information on our subprocessors, please scroll down to the charts below or simply click on one of the following links to be redirected to the corresponding table: What has changed since our last version: We updated our Business Operational Subprocessors. MARKETING SUBPROCESSORS Subprocessor Purpose Data Hosting Location Customer Location AWS USA Cloud hosting USA Worldwide Airship Mobile push notifications which might contain PII USA, EU Worldwide Fastly Content delivery network Worldwide (location list at: https://www.fastly.com/network-map) Worldwide Pendo In-app help, guidance, and announcements USA Worldwide SendGrid (Twilio) Email service provider used to send emails USA, UK, India, and Japan Worldwide Sumo Logic Log collection and storage USA Worldwide Twilio Provides programmable communication products and services, primarily in the form of APIs USA Worldwide Zencoder (Brightcove) Video transcoding; Although it does not handle PII, it may have access to unreleased marketing assets USA, Australia, Mexico, Singapore, UK, Spain, France, Germany, and Sweden Worldwide OPTIONAL MARKETING SUBPROCESSORS Talkwalker Deep listening services for select Strategic Services Customers EU (Germany) Worldwide CARE SUBPROCESSORS Subprocessor Purpose Data Hosting Location Customer Location AWS USA Cloud hosting USA USA and Canada Customers EMEA/APAC Customers solely for authentication data* AWS Ireland Cloud hosting Ireland EMEA Customers* AWS Australia Cloud hosting Australia APAC Customers* Pendo In-app help, guidance, and announcements USA Worldwide Sendgrid (Twilio) Email services provider used to send emails USA, UK, India, and Japan Worldwide Sumo Logic Log collection and storage USA USA, Canada, and EMEA Customers Sumo Logic Log collection and storage Australia APAC Customers Sunshine Conversations Extends conversational capabilities USA and EU Worldwide Twilio Provides programmable communication products and services, primarily in the form of APIs USA Worldwide OPTIONAL CARE SUBPROCESSORS Box File storage for Customers using the “File Preview Feature” USA Worldwide Cloud Elements API integration platform for CRM USA and Ireland Worldwide * = User profile and authentication data for the sole purpose of providing a unified log-in experience will be hosted in AWS USA for all Care customers. All other customer data is hosted in region where customer is situated. KHOROS BOT SUBPROCESSORS Subprocessor Purpose Data Hosting Location Customer Location Auth0 User authentication Germany Worldwide AWS EU West 1 Cloud hosting Amsterdam, Germany, and Luxembourg Worldwide AWS Ireland Cloud hosting Ireland Worldwide Cloudflare Web firewall and CDN Worldwide Worldwide Customer.io CRM USA Worldwide MongoDB Database management Belgium Worldwide OPTIONAL KHOROS BOT SUBPROCESSORS Google Ads (and analytics) Advertising USA Worldwide Vertex AI (Google Cloud) Provides advanced machine learning to enhance Khoros Bot and Agent Assist functionality, including large language models (LLMs) USA (Oregon) US and Canada Customers Vertex AI (Google Cloud) Provides advanced machine learning to enhance Khoros Bot and Agent Assist functionality, including large language models (LLMs) UK EMEA Customers Vertex AI (Google Cloud) Provides advanced machine learning to enhance Khoros Bot and Agent Assist functionality, including large language models (LLMs) Australia APAC Customers Sendgrid (Twilio) Email provider USA Worldwide Sentry.io Error reporting USA Worldwide COMMUNITY SUBPROCESSORS Subprocessor Purpose Data Hosting Location Customer Location AWS USA Cloud hosting USA USA, Canada, and APAC** Customers AWS Ireland Cloud hosting Ireland EMEA Customers AWS Australia Cloud hosting Australia APAC** Customers Akismet Spam detection USA and Australia Worldwide Clarotest Consulting Lab S.R.L. Some access to customer data as part of outage mitigation Argentina Worldwide Pendo In-app help, guidance, and announcements USA Worldwide Sendgrid (Twilio) Email services provider used to send emails USA, UK, India, and Japan Worldwide Sumo Logic Log collection and storage USA Worldwide Sunshine Conversations Extends conversational capabilities USA and EU Worldwide OPTIONAL COMMUNITY SUBPROCESSORS Akamai Technologies Content delivery network Worldwide (location list at: https://www.akamai.com/us/en/locations.jsp) Worldwide AWS Australia Cloud hosting Australia APAC** Customers Brightcove Video playback and storage USA, Australia, Mexico, Singapore, UK, Spain, France, Germany, and Sweden Worldwide Box File storage for Customers using the “File Preview Feature” USA Worldwide ETI Migrations Bulgaria, Italy, and UK Worldwide ** APAC Customers with Khoros Communities created prior to July 2024 will be hosted via AWS USA unless they have expressly opted to migrate to AWS Australia (fees apply). APAC Customers with Khoros Communities created July 2024 and after will be hosted via AWS Australia. BUSINESS OPERATIONAL SUBPROCESSORS Subprocessor Purpose Data Hosting Location Customer Location Domo Business intelligence and data visualization tool USA Worldwide Atlassian (Jira) Product support tool for Professional Services issue tracking and project management USA Worldwide Salesforce*** Customer relationship management USA Worldwide Workato System integration USA Worldwide Google LLC Email and document management USA/EU Worldwide Crossover Markets, LLC Recruiting, HR services USA Worldwide VoiceFlow, Inc. Support Chatbot Canada Worldwide ESW Operations, LLC Customer support platform EU Worldwide OPTIONAL BUSINESS OPERATIONAL SUBPROCESSORS Litmos Learning management system used to host product training content USA Worldwide Read AI, Inc. Meeting assistant, used for recording, taking notes and summarizing meetings USA Worldwide *** = Salesforce may be used in conjunction with other third-party applications or add-ons.50KViews0likes6CommentsSupport Case ID Migration and URL Redirect
What's Changing In our enhanced support portal (for more details, refer to this article), all support cases have been assigned new case IDs. However, we've made it easy to find your existing cases: Your original case ID is preserved in both the case title and dedicated search field Automatic URL redirect ensures your bookmarked links continue to work How URL redirect Works When you click on an old support portal link, our system automatically: Identifies your original case ID Finds the corresponding new case ID Redirects you to the correct case in the enhanced portal Troubleshooting redirect issue If you are trying to open a case and have been redirected to this page, it means we couldn't locate it. Please check: URL accuracy: Ensure the case ID in your link is correct Case Age: Case before 2023 may not have been migrated Direct search option: Visit Case Portal | Atlas and search using your original case ID Need Help? If you are still unable to access your case, please contact [email protected], and our team will assist you prompty.1KViews0likes0Comments2025 Khoros Holiday Production Freeze Schedule
To ensure we provide the best service possible and to minimize the risk of service disruptions during periods of high customer activity, Khoros implements annual freezes across all Khoros-managed production environments. These windows align with internal company holidays to ensure consistent coverage and reduce risk. These company-wide freezes apply to all Khoros products and internal applications. During these periods, no production-level changes—such as infrastructure updates, plugin deployments, new launches, software releases, or upgrades—will be approved or executed. 2025 Freeze Schedule Spring Holidays Friday 4/18/2025 12:01 am PT - Monday 4/21/2025 11:59 pm PT Juneteenth Wednesday 6/18/2025 12:01 am PT - Thursday 6/19/2025 11:59 pm PT Thanksgiving Monday 11/24/2025 12:01 am PT – Monday 12/1/2025 11:59 pm PT Winter Holidays Monday 12/15/2025 12:01 am PT – Friday 1/2/2026 11:59 pm PT Outages and Severity 1 Issues This does not impact our ability to manage outages or other severity 1 level issues. To receive severity 1 support at any time, email [email protected]. When contacting us, please include the nature of the service outage or security risk, a link to the impacted environment, and your contact information.Khoros Support Hours & Observed Holidays
Hours of Operation On Severity 1 Service Incidents, Khoros hours of operation are 24/7/365. For all others, standard hours of operation for Khoros Support are as follows (Monday - Friday): Region Hours (Regional) Hours (PST) Americas 6 AM – 6 PM PST 6 AM – 6 PM PST EMEA 7 AM – 6 PM GMT 11 PM - 10 AM PST APAC 7 AM – 4 PM IST 5:30 PM – 2:30 AM PST Additional hours of operation are available with additional support levels or on some grandfathered agreements. Coverage for major holidays, as defined by Khoros regional support, is limited to Severity 1 issues only. Observed Holidays for 2025 Americas New Year’s Day (observed) January 1 Martin Luther King Jr. Day January 20 President’s Day February 17 Spring Holiday April 18 Memorial Day May 26 Juneteenth June 19 Independence Day July 4 Labor Day September 1 Thanksgiving Day November 27 Day after Thanksgiving November 28 Christmas Eve December 24 Christmas Day December 25 New Year's Eve December 31 EMEA New Year’s Day January 1 Good Friday April 18 Easter Monday April 21 May Bank Holiday May 5 Spring Bank Holiday May 26 Juneteenth June 19 Summer Bank Holiday August 25 Christmas Day December 25 Boxing Day December 26 APAC New Year's Day January 1 Australia Day January 27 Good Friday April 18 Easter Monday April 21 Anzac Day April 25 King's Birthday June 9 Juneteenth June 19 Bank Holiday August 4 Labour Day October 6 Christmas December 25 Boxing Day December 26 Take special note to the holidays based on your location, as they may differ from public holidays in your specific country. Example: If your organization falls within the EMEA region (including, but not limited to UK, France, Germany, Switzerland), all days listed under EMEA are holidays Khoros Support will be observing that year. Standard support coverage will resume on the next business day. Note: We're prepared to support any severity level 1 issue all year round, 24x7x365. Should the need for this arise, be sure to include the nature of the service outage or security risk, a link to the impacted environment, and your contact information. To receive severity 1 support at any time, email [email protected].31KViews9likes4Comments
Featured Places
Release Notes & Updates
Review release notes and updates for all of our products! Select a tag to browse by product or resource type.Events & Webinars
Learn more about your Khoros solution with helpful webinars and special eventsLearn
Access training and documentation for all of our productsEducation & Training
Self-service first product education experiences to maximize Khoros product adoptionRelease Notes & Updates
Review release notes and updates for all of our products! Select a tag to browse by product or resource type.Khoros Communities - Aurora Docs
Learn the Aurora version of Khoros Communities. Utilize user guides to navigate to helpful content.Aurora AI Docs (Early Access)
Learn the new Aurora AI features in Khoros Aurora. Currently all features are in Early Access and can be activated upon request through your CSMAbout Atlas
Learn more about the Atlas community with helpful resources and guidelines
Events
No events to show