Every business wants a healthy email list for communication. One of the ways to ensure this is having double opt-in implemented. This step-by-step guide will help you to create a double opt-in scenario for your website.

Watch this short introductory video about this feature:





A prerequisite for using the double opt-in is to have email value as ID.

# Why you should use double opt-in

When someone fills in an email address into your website’s signup field, you shouldn’t sign them up directly. Instead, it is strongly recommended to send a confirmation email to their inbox to double check they are the owners of that email address.

This way, your email database will be healthier, containing a larger percentage of active users. This improves your sender reputation, deliverability and significantly decreases any risks related to GDPR-related complaints.

# How to do this in Bloomreach Engagement

We will show you how to create an automatic [Scenario](🔗) that will send a confirmation email to the subscriber. When they click "confirm subscription" in the email, the appropriate consents will be assigned to their profile.


RequirementsColumn Title
**Overview**You will need to: _ Set up tracking of a new event using API (preferably) or JS _ Create a scenario with webhooks \* Create 2 simple aggregates
**Bloomreach Engagement skills**Intermediate - we will show you step-by-step how to create every part of this use case. However, you will need a technical person to set up the tracking. We assume you can navigate and work with basic functions in Bloomreach Engagement.
**Data and tracking**_ Tracking of the event `double_opt_in` with attributes: `action`, `consent_list`, `email` and `source`. _ [**Consent management**](🔗) enabled and running. \* Email template for the confirmation email.



This scenario works only if you identify your customers (`registered`) by their **email address**. If not, contact us for more information.

(Script tags will be stripped)





Read more about tracking objects [here](🔗). Read more about the structure of consent events [here](🔗).

(Script tags will be stripped)

200




(Script tags will be stripped)






The webhooks are set according to the [Batch commands](🔗) request to Bloomreach Engagement Data API.

(Script tags will be stripped)





(Script tags will be stripped)

1339


(Script tags will be stripped)

(Script tags will be stripped)

1223


"campaign_url" must mirror the URL you used in step 8. "campaign_name" is equal to the name of your scenario.



You might want to use `campaign_id` instead of `campaign_name`. Click [here](🔗) to learn more.



Warning about spam filter bots

Tracking the _consent_ event triggered by a _campaign click_ event have certain limitations. Namely, certain email domains might use spam filter bots, which could automatically scan and click through all email links.

In Bloomreach Engagement, these campaign clicks are indistinguishable from human clicks and therefore some campaign clicks used in double opt-in setup might not originate from the targeted human customer. Thus, for some customers, these false automatic clicks can reduce double opt-in to just single opt-in.

If you want to be more certain, that only a real human confirmed your email, instead of the _trigger by campaign click_, you can implement a small confirmation page with a submit button. After submitting, this page would track the _consent_ event directly (replacing this and the following step).

(Script tags will be stripped)


(Script tags will be stripped)

2644


The first aggregate identifies the customer. The ID is located in URL.

2750


The second aggregate loads and saves all consents that you defined in your tracking.

Great job!

Your scenario is now ready to be launched. Don't forget to test this yourself first.

# Technical reference

The webhooks are set according to the [Batch commands](🔗) request to Bloomreach Engagement Data API.

**Why do you need to use the webhooks instead of a simple scenario?** Using webhooks ensures the highest GDPR-compliant standards to protect your customers' data in case someone else would try to use their email address.

**So what exactly the webhooks do?** This first webhook essentially creates a customer with a hard ID that equals the entered email. If the current user is already identified, they will be automatically merged. If he or she is anonymous (meaning not identified by hard ID), then the new customer in Bloomreach Engagement will be different than the one browsing and submitting the email. This webhook then tracks the event "double_opt_in" with "action = transferred" to that customer.

Once they click "confirm" in the email, these 2 customers are merged, which is done in the webhook "Track consents".