This is a new service - your feedback will help us to improve it.

  1. Home
  2. Cookies


The Department for Education’s (DfE) Find and Use an API service puts small files (known as 'cookies') onto your computer to collect information about how you browse the site. Find out more about the cookies we use, what they're for and when they expire.

Cookies that measure website use

We use Microsoft Azure Application Insights analytics to help us understand how the Find and Use an API service is being used and how it is performing. Any details that could personally identify you are removed from this information.

This helps us to:

  • understand how the application is being used to continuously improve the user journey
  • detect and diagnose performance issues
  • improve the site and Government Digital Services

Application Insights stores information about:

  • how you got to the site
  • the pages you visit on the Find and Use an API service and how long you spend on them
  • what you click on while you’re visiting the site

We use 2 Application Insight cookies to count how many people visit the site:

  • ai_session: Keeps track of how many users are accessing the application over time. Expires after 30 minutes.
  • ai_user: Collects statistical usage and telemetry information. Expires after 1 year.

Essential cookies

These cookies are necessary for the website to function and cannot be switched off in our systems. They do not store any information that could identify you.

Essential cookies are usually only set if you request a service. For example; setting your privacy preferences, logging in to the system or filling in forms.

You can set your browser to block or alert you about these cookies, but then some parts of the site will not work.

We use 2 essential cookies, set by websites running on the Windows Azure cloud platform. These are:

  • ARRAffinity: Set by Azure App Service to choose the right instance established by the user. This cookie is used to detect and defend when a client attempts to replay a cookie - expires after session.
  • ARRAffinitySameSite: Used for load balancing to make sure your page requests are routed to the same server in any browsing session. Expires when you close your browser - expires after session.

We use one cookie, set by Microsoft to enable users to log in, authenticate and access secured Web APIs. This is:

Access_token: Stores the authentication cookie used by Microsoft Authentication Library to acquire security tokens from Microsoft Identity Platform – expires after session.

You might see a message at the top of the website on your first visit. We store a cookie on your computer, so it knows you've seen it and not to show it again. This is:

  • Set-banner-message: Hides the cookie banner on your first visit to the website - expires after 1 month.

Cookies message

The cookies message banner will ask you to accept cookies or review your settings when you visit the Find and Use an API service.

We have 2 cookies that tell your computer you’ve seen the banner and not to show it again:

  • cookies_policy - saves your cookie consent settings - expires after one year
  • cookies_preferences_set - tells us you’ve saved your cookie consent settings - expires after one year