Custom Tracking Domain (CTD)

What is the purpose of custom tracking domain

Custom tracking domain (CTD) is a way to maintain reliable tracking, data quality and a single customer view compatible with the tracking protection mechanisms introduced by browsers, such as Safari's Intelligent Tracking Prevention (ITP) or Mozilla's Enhanced Tracking Protection (ETP) or many ad blockers. Measures taken by the browsers primarily aim to protect the user's privacy and as a result, change the way cookies are handled. Since browsers are becoming more privacy-conscious, Bloomreach Engagement and its use of "cookie" has to adapt as well. The custom tracking domain enables the switch from JavaScript cookies to HTTP cookies.

📘

CTD restores the original state of your standard tracking, but not cross-domain tracking.

How does it work

To make your cookie resistant against ITP and similar measures you can use your subdomain as a custom tracking domain (CTD) for front-end tracking. This gives you the ability to set server-side cookies by Bloomreach Engagement API under your first-party custom tracking domain such as analytics-api.yourdomain.com ( \*.yourdomain.com ), making the Bloomreach Engagement cookie a first-party server-side cookie resistant to tracking preventions.

Most commonly, Bloomreach Engagement uses the api.exponea.com domain to serve JS SDK, service worker for web push notifications, and all of our API endpoints (this may differ for single tenant instances) However, you can configure a custom tracking domain for each top-level domain of each website that you are tracking.

Bloomreach Engagement uses two cookies of different types to maintain the customer identity a client-side __etc_exponea__ and server-side xnpe_<project_id> cookie. Both cookies will hold the same value but can have different expiration. When using CTD, the server-side xnpe_<project_id> cookie will have a long expiry and ensure consistent tracking of anonymous users. The __etc_exponea__ will be still capped to the 7-day expiration on Safari and upon next visit will be renewed based on the xnpe_<project_id> cookie.

Default example:
Website: www.myeshop.com

  • Tracking API set to api.exponea.com
  • JS SDK loaded from https://api.exponea.com/js/exponea.min.js
  • JS SDK creates document cookie on domain .myeshop.com
    • Name: etc_exponea
    • Domain: .myeshop.com
    • Set by: SDK using document.cookie
    • Type: client-side, first-party
    • Expiry: 3 years (default) or your configured custom expiration, for some browsers it can be capped to shorter expiry (7 days on Safari), once this cookie expires the identity is lost

Custom tracking domain example:
Website www.myeshop.com and custom tracking domain analytics-api.myeshop.com

  • Tracking API set to analytics-api.myeshop.com
  • JS SDK loaded from https://analytics-api.myeshop.com/js/exponea.min.js
  • Tracking API creates server-side cookie on domain .myeshop.com
    • Name: xnpe_<project_id>
    • Domain: .myeshop.com
    • Set by: Tracking API
    • Type: server-side, first-party
    • Expiry: 3 years (default) or your configured custom expiration
  • JS SDK creates document cookie on domain .myeshop.com
    • Name: __etc_exponea__
    • Domain: .myeshop.com
    • Set by: JS API document.cookie
    • Type: client-side, first-party
    • Expiry: 3 years (default) or your configured custom expiration, for some browsers it can be capped to shorter expiry (7 days on Safari), upon expiry it will be renewed based on the xnpe_<project_id> cookie
  • Both __etc_exponea__ and xnpe_<project_id> will hold the same value

How to set up a custom tracking domain

The set up differs for the type of instance you are using:
Multi Tenant instance
Single Tenant instance

If you are not sure which guide to follow go to Project settings -> General -> General project settings as seen in the picture below and check whether you see the Custom tracking domain setting, if yes follow the multi tenant instance guide, if not follow the single tenant instance guide.

🚧

If you intend to use the same subdomain as the custom tracking domain across your projects, it is enough to set the NS DNS records only for one project. After the SSL certificate is issued, CTD subdomain will become active for all projects within your account.

Cross-domain tracking

Tracking prevention measures are primarily aimed to disable covert data tracking and collection of user data across domains. Therefore, these measures also directly influence our feature shared cookies that enabled cross-domain tracking of anonymous users for clients that operate multiple websites. By using CTD the shared cookies functionality is effectively eliminated as those solutions are not compatible. However, this means only cross-domain tracking for anonymous users via cookies is not possible, but you are still able to track customers across your domains via identification e.g motivate your customers to log in.