Storyblok

Storyblok

Storyblok is a headless CMS with a visual editing interface. Scripts enable live preview and inline content editing for authenticated editors in Storyblok Studio. Sets authentication cookies for editor sessions. End users in production receive no tracking from Storyblok scripts.

Back to Vendor Library

Overview

Storyblok is a headless content management system distinguished by its visual editing interface, Storyblok Studio. Unlike traditional CMSs that serve rendered pages, Storyblok delivers content via API to frontend frameworks (Next.js, Nuxt, Astro, etc.) while providing content editors with a real-time visual preview of their changes. On production websites, Storyblok's script footprint is minimal — the editing bridge scripts only load for authenticated editors in preview mode. End users visiting the published site typically receive no Storyblok scripts or cookies.

What This Script Does

Storyblok's JavaScript bridge (storyblok-js-client or the @storyblok/js SDK) loads in two distinct contexts:

Editor/preview mode (authenticated editors only):

  • Loads the Storyblok Bridge script from app.storyblok.com to enable real-time visual editing
  • Establishes a postMessage communication channel between the editor iframe and the preview site
  • Enables click-to-edit functionality, drag-and-drop component reordering, and live content updates
  • Sets authentication cookies for the editor's Storyblok session

Production mode (public visitors):

  • No Storyblok scripts are loaded on production builds in most implementations
  • Content is fetched at build time (SSG) or server-side (SSR) and delivered as static HTML
  • No cookies are set on the visitor's browser

Cookies set (editor mode only):

  • Session authentication cookies scoped to app.storyblok.com
  • Preview token cookies for authenticating draft content API requests
  • No cookies are set for public visitors in production

Consent & Compliance

Storyblok falls under the functional consent category. Under GDPR and the ePrivacy Directive, the editor bridge scripts and authentication cookies serve the functional purpose of content management — a tool used by authenticated team members, not public visitors. Since production visitors typically receive no Storyblok scripts or cookies, there is no consent obligation for the public-facing site.

If your implementation loads the Storyblok Bridge on production (for example, to enable in-context editing on the live site for logged-in editors), the authentication cookies are scoped to the editor's session and serve a functional purpose.

Under CCPA/CPRA, Storyblok's data processing is limited to content delivery and editor authentication, neither of which involves collecting visitor personal information.

Should You Block This Without Consent?

No. Storyblok's scripts are functional editing tools that only load for authenticated content editors, not public visitors. In production, no scripts or cookies are served to visitors. There is no tracking, analytics, or marketing data collection to block. If the Storyblok Bridge loads on production for editor preview purposes, the authentication cookies are functional and exempt from consent requirements.

Visit website

Consent Categories

Functional

Also Known As

storyblokstory blokheadless CMSstoryblok visual editorstoryblok studio

Industries

Computers Electronics and TechnologyProgramming and Developer Software

Tracked Domains (1)

storyblok.comFunctional

Frequently Asked Questions

Does Storyblok require cookie consent?

No. Storyblok scripts only load for authenticated content editors in preview mode — not for public visitors. In production, content is fetched server-side and no cookies are set on visitor browsers, so no consent is required.

What cookies does Storyblok set?

Storyblok sets session authentication cookies and preview token cookies scoped to app.storyblok.com, but only for authenticated editors. Public website visitors receive no Storyblok cookies in production deployments.

How does ConsentStack handle Storyblok?

ConsentStack classifies Storyblok as functional. Since production visitors receive no Storyblok scripts or cookies, ConsentStack has nothing to block. Editor bridge scripts in preview mode are functional tools exempt from visitor consent requirements.

Related Vendors

Google Maps
Google Maps
Google Maps is the dominant web mapping service used for embedded maps and location features on websites. Scripts load interactive map tiles, geocoding, and Places API functionality through the Maps JavaScript API. May set cookies to remember map preferences and manage API quota.
Google Search
Google Search
Google Search appears on websites through the Programmable Search Engine, enabling custom site-specific search functionality. Scripts load the search widget from Google's servers to render search bars and display results within the host website. Sends search queries to Google's index and may set cookies for search personalization and query history.
Google
Google
Google is the dominant provider of web analytics, advertising, and infrastructure tools. Scripts like Google Analytics, Tag Manager, Ads, and reCAPTCHA collect behavioral data, manage tag firing, serve targeted ads, and detect bots. Sets persistent cookies to track users and correlate activity across sites.
Microsoft Teams
Microsoft Teams
Microsoft Teams is a workplace communication and collaboration platform that can be embedded on websites for chat, meetings, and document sharing. Embedded widgets load from Microsoft's servers to enable real-time messaging, video calls, and file collaboration. Sets authentication and session cookies to verify participant identity and maintain connection state.
Apple Maps JS
Apple Maps JS
Apple Maps JS is Apple's JavaScript mapping framework for embedding interactive maps on websites. Scripts load map tiles, location pins, and routing data from Apple's MapKit servers to render navigable maps within web pages. Requires a MapKit JS token for authentication but does not set tracking cookies or collect behavioral analytics data.
Apple Business Chat
Apple Business Chat
Apple Business Chat enables direct customer messaging between websites and Apple's Messages app. Scripts load chat buttons and conversation interfaces that connect visitors to business support agents through iMessage. Sets minimal session cookies to maintain conversation context but does not track browsing behavior or collect analytics data.

Manage consent for Storyblok

ConsentStack automatically detects and manages Storyblok trackers so your site stays compliant with global privacy regulations.

Get started free