Magnolia

Magnolia

Magnolia is an enterprise content management system that serves web page content and digital experiences. Its frontend scripts may include personalization engines that track visitor behavior, set cookies for session management and content targeting, and make server requests to deliver tailored content based on user segments.

Back to Vendor Library

Overview

Magnolia CMS is an enterprise content management platform with a substantial market presence in Europe, particularly among large organizations in retail, finance, and media. Unlike headless CMS tools that operate purely as APIs, Magnolia deploys frontend personalization engines that run in the visitor's browser, making it directly relevant to cookie consent compliance. The platform's Personalization and Experience modules create behavioral profiles to segment visitors and deliver targeted content variants.

What This Script Does

Magnolia's client-side scripts serve two distinct functions: session management for the CMS itself, and behavioral data collection for its personalization engine.

Session and functional cookies: Magnolia sets server-side session cookies (typically JSESSIONID or equivalent) to maintain visitor sessions when authenticated users access the CMS interface. These are essential for application functionality and are scoped to the session.

Personalization tracking: The Magnolia Personalization module runs client-side scripts that observe visitor behavior — pages viewed, content categories browsed, time on page, and referral sources. This data feeds into visitor segment definitions, which the CMS uses to select content variants. Depending on configuration, a visitor identifier cookie may be set to persist segment assignments across sessions. This cookie can have a multi-day or multi-week expiry.

Network requests: Personalization scripts may make asynchronous requests to the Magnolia backend to fetch content variants or report behavioral events. These requests occur on the same domain as the host application in most deployments.

Analytics integration: Magnolia integrates with analytics platforms and can forward behavioral data to connected systems as part of its digital experience platform capabilities.

Consent & Compliance

GDPR and ePrivacy Directive: Magnolia's session management cookies are essential and do not require consent. However, the Personalization module's behavioral tracking cookies and cross-session visitor identification fall squarely within the ePrivacy Directive's consent requirement. These cookies track individual behavior to build profiles, which requires prior explicit consent. Under GDPR, personalization based on behavioral profiling requires either consent (Article 6(1)(a)) or a legitimate interests assessment that withstands the balancing test — consent is the safer legal basis for commercial personalization.

CCPA/CPRA: Behavioral data collected for personalization constitutes personal information under CCPA. If Magnolia's scripts share visitor behavioral data with Magnolia's own servers for analytics, this may constitute "sharing" for cross-context behavioral advertising purposes depending on how the data is used downstream.

Consent category: functional and analytics (mixed). Session cookies are essential. Personalization and behavioral tracking cookies require consent.

Should You Block This Without Consent?

Conditional.

Magnolia's core session management scripts are essential and should not be blocked. The Personalization and behavioral analytics components require consent before activation. Implement consent controls that allow the CMS session layer to function while blocking personalization scripts until the visitor opts in to functional and analytics cookies.

Visit website

Consent Categories

Functional
Analytics

Also Known As

magnolia cmsmagnolia content managementmagnolia personalizationenterprise cms trackingmagnolia digital experience

Industries

E-commerce and ShoppingArts and EntertainmentComputers Electronics and TechnologyBusiness and Consumer ServicesHeavy Industry and Engineering

Tracked Domains (1)

magnolia-cms.comFunctional

Frequently Asked Questions

Is consent required for Magnolia on my website?

Yes, partially. Magnolia's personalization and behavioral analytics components require consent under GDPR and ePrivacy. Session management cookies are essential and exempt. The analytics and functional tracking categories both apply depending on which Magnolia modules are active.

What cookies does Magnolia set?

Magnolia sets session cookies such as JSESSIONID for CMS session management. The Personalization module adds visitor identifier cookies with multi-day or multi-week expiry to persist segment assignments. These tracking cookies observe pages viewed, referral sources, and time on page.

How does ConsentStack manage Magnolia consent?

ConsentStack categorizes Magnolia under functional and analytics. It detects Magnolia's personalization scripts and blocks the behavioral tracking components until consent is granted, while allowing essential session cookies to function so the CMS layer remains operational.

Related Vendors

Google Search
Google Search
Google Search appears on websites through the Programmable Search Engine, enabling custom site-specific search functionality. Scripts load the search widget from Google's servers to render search bars and display results within the host website. Sends search queries to Google's index and may set cookies for search personalization and query history.
Google Maps
Google Maps
Google Maps is the dominant web mapping service used for embedded maps and location features on websites. Scripts load interactive map tiles, geocoding, and Places API functionality through the Maps JavaScript API. May set cookies to remember map preferences and manage API quota.
Google
Google
Google is the dominant provider of web analytics, advertising, and infrastructure tools. Scripts like Google Analytics, Tag Manager, Ads, and reCAPTCHA collect behavioral data, manage tag firing, serve targeted ads, and detect bots. Sets persistent cookies to track users and correlate activity across sites.
Microsoft Power Apps
Microsoft Power Apps
Microsoft Power Apps is a low-code application development platform that enables embedded business applications on websites. Scripts load custom app interfaces from Microsoft's cloud, render form controls and data views, and connect to backend data sources through Power Platform connectors. Sets session cookies to maintain application state and user authentication.
Microsoft Teams
Microsoft Teams
Microsoft Teams is a workplace communication and collaboration platform that can be embedded on websites for chat, meetings, and document sharing. Embedded widgets load from Microsoft's servers to enable real-time messaging, video calls, and file collaboration. Sets authentication and session cookies to verify participant identity and maintain connection state.
Microsoft Viva
Microsoft Viva
Microsoft Viva is an employee experience platform that surfaces on websites through embedded engagement and learning modules. Scripts load content feeds and knowledge cards from Microsoft's cloud infrastructure. Sets authentication cookies for user identity and personalized workplace content delivery.

Manage consent for Magnolia

ConsentStack automatically detects and manages Magnolia trackers so your site stays compliant with global privacy regulations.

Get started free