LoginRadius

Overview

LoginRadius provides cloud-based customer identity and access management (CIAM) infrastructure. The platform handles user authentication workflows including traditional email/password login, social login via providers like Google and Facebook, passwordless authentication, and single sign-on (SSO) across multiple applications. LoginRadius also provides user profile management, progressive profiling, and consent management features.

What This Script Does

LoginRadius's JavaScript SDK loads from cdn.loginradius.com and initializes authentication interfaces on the host website. The script renders login forms, registration widgets, social login buttons, and password reset flows based on the site's configuration.

The SDK sets cookies and local storage tokens to manage authentication state. Session tokens (typically lr-session-token and related keys) maintain the logged-in state across page navigations. These are essential for the authentication flow and are set as first-party cookies on the host domain.

When social login is configured, the script redirects to third-party OAuth providers and handles the callback token exchange. The SDK communicates with LoginRadius's API at api.loginradius.com to validate credentials, issue session tokens, and retrieve user profile data.

LoginRadius stores user profile information including email addresses, names, social profile data, and authentication history on its cloud infrastructure. The script may also collect device metadata and IP addresses for security features like brute-force protection and suspicious login detection.

Consent & Compliance

LoginRadius serves an essential function — user authentication and access control. The session tokens and authentication cookies are strictly necessary for the website to function when login is required. Without these, users cannot authenticate or maintain their logged-in state.

Under GDPR, authentication cookies qualify for the "strictly necessary" exemption from consent requirements under the ePrivacy Directive. The processing of login credentials and session management has a clear legal basis in contractual necessity. Under CCPA, the collection of authentication data falls within the service provider exemption when processed solely for providing the authentication service.

The consent category is essential and functional.

Should You Block This Without Consent?

No. LoginRadius provides authentication infrastructure that is essential for websites requiring user login. Its cookies manage session state and authentication tokens — functions that are strictly necessary for the service to operate. Blocking LoginRadius without consent would prevent users from logging in, fundamentally breaking the website's access control. No consent is required for these essential authentication functions.