We’ve enabled the Heatmap & Session Recording plugin in Matomo and configured it for specific pages. However, we’ve noticed that no cookie related to the plugin is being set in the browser, even though tracking should be active.
We’ve reviewed the documentation and understand that the plugin may set cookies depending on configuration and consent settings. But in our case:
The plugin is enabled and configured.
Tracking is active on the target pages.
No cookie appears in the browser (even after multiple page views).
Questions:
Under what exact conditions does the Heatmap plugin set a cookie?
Is there a specific configuration or consent mechanism required to trigger cookie creation?
Could the absence of a cookie indicate that tracking is not functioning correctly?
Any insights or troubleshooting tips would be greatly appreciated!
Hello @zepply When you record sessions, a first party cookie will be set for the duration of the visit named _pk_hsr. This cookie is needed to ensure that all page views within a users’ session will be recorded. The cookie will be only set as soon as a user has reached a configured entry page. If you disable cookies via the tracking code, the plugin will respect this setting and not set a cookie. As a result, not all page views within a session may be recorded if you set a sample rate of lower than 100% or configure an entry page. A possibly configured cookie domain or cookie path will be respected. Learn more about Matomo (Piwik) JavaScript Tracker cookies.
Hi @Emerson_N thank you very much for your answer.
This is the problem: We are using cookies AND we had the sample size set to 100% and we still couldnt see the cookie.
We are using Usercentrics in this setup which has an auto-detection scanner for newly set cookies. However our system did not show any new cookies. Can there be any problems with tools like usercentrics?
This is why we are confused on how to trigger the cookie to be set by the heatmap plugin.
The cookie is set by the same domain as the pk_id, pk_ref and pk_ses? Just to make sure its not being blocked by the application itself.
Thank you again for the quick answer and kind regards
Hi @zepply, thanks for clarifying and sharing more details.
If you’re already using cookies with a 100% sample size, then normally the heatmap/recording cookie should indeed be set. In Matomo, this cookie is created on the same domain as the standard tracking cookies (_pk_id, _pk_ref, _pk_ses), so it should not be blocked by the application itself.
That said, some consent management platforms like Usercentrics can sometimes interfere—either by delaying, blocking, or not detecting certain cookies (especially if they are only set after a specific trigger, e.g. when a recording starts). It’s possible that Usercentrics’ scanner doesn’t catch this cookie immediately since it’s not set on every visit, but only when the conditions for heatmaps/session recording are met.
To confirm:
The cookie should appear in the same domain as your other Matomo cookies.
If you don’t see it at all, it may be because no recording/heatmap was triggered yet, or because Usercentrics is preventing it from being set.
You might want to try visiting the site in a fresh session (with consent given), perform actions that should trigger a recording, and then check the browser’s developer tools → Application → Cookies directly to see if it appears, bypassing the Usercentrics scanner.
We’ve checked the behavior in different environments and found the cause:
The Heatmap plugin alone does not set any cookie. A cookie is only created when a Session Recording is also enabled.
As we are using only Heatmaps at the moment, it’s normal that no cookie is set i guess.
My interpretation of this being the intentional behaviour is, that we are just re-visualizing the already collected data and not collecting any more data.
Thanks for checking this so thoroughly — your interpretation is absolutely correct.
The Heatmap feature in Matomo doesn’t set cookies or collect any additional personal data on its own. It works by visualizing aggregated interaction data (clicks, scrolls, mouse movements, etc.) that have already been captured through the standard Matomo tracking setup.
A cookie is only created when Session Recordings are enabled, since those recordings require session identifiers to replay individual user interactions.
So yes — if you’re only using Heatmaps (without Session Recordings), then there’s no need to request additional consent beyond what you already have for your standard analytics tracking. The behavior you’re seeing is intentional and compliant with Matomo’s privacy-by-design principles.