Vendor IDs
Datafly.js collects and generates vendor-compatible identifiers so that server-side event delivery maintains the same user matching quality as client-side vendor pixels. This is a key feature that enables Datafly to replace vendor tags without losing attribution accuracy.
How vendor IDs work
When a user first visits your site, Datafly.js:
- Captures click IDs from the URL query parameters (e.g.,
gclidfrom a Google Ads click) - Reads existing vendor cookies if present (e.g.,
_gafrom a previous Google Analytics installation) - Self-generates vendor IDs in the correct format where the vendor’s own cookie is not present
- Sends all IDs with the first event to the Ingestion Gateway
- The server stores IDs in Redis and sets them as server-side cookies via
Set-Cookieheaders
On subsequent visits, vendor IDs are recovered from the server-set cookies, which are first-party and ITP-exempt.
Self-generated IDs
Datafly.js generates vendor-compatible identifiers locally when the vendor’s own cookie is not already present. These IDs use the exact same format as the vendor would generate, so they are accepted by vendor APIs.
| Vendor | ID name | Cookie name | Format | TTL |
|---|---|---|---|---|
| Google Analytics 4 | client_id | _ga | GA1.2.{random}.{timestamp} | 2 years |
| Meta (Facebook) | fbp | _fbp | fb.1.{timestamp_ms}.{random_10} | 90 days |
| Meta (Facebook) | fbc | _fbc | fb.1.{timestamp_ms}.{fbclid} | 90 days |
| TikTok | ttp | _ttp | UUID v4 | 13 months |
_pin_unauth | _pin_unauth | UUID v4 | 365 days | |
| Snapchat | _scid | _scid | UUID v4 | 13 months |
Self-generated IDs are only created when the vendor’s own cookie is not already present on the page. If you previously had a vendor’s pixel installed and the user has an existing cookie, Datafly.js reads and preserves that value for continuity.
How self-generation works
Each vendor’s ID format is publicly documented. Datafly.js replicates the exact format:
// Meta _fbp format: fb.{subdomainIndex}.{creationTime}.{random10Digits}
// Example: fb.1.1709312400000.1234567890
// GA4 client_id: extracted from _ga cookie
// Format: GA1.2.{randomPart1}.{randomPart2}
// TikTok _ttp: standard UUID v4
// Example: 550e8400-e29b-41d4-a716-446655440000These IDs are sent to the server on the first event and stored in Redis. The Ingestion Gateway sets them back as first-party cookies via Set-Cookie headers on the response, ensuring they persist across sessions with full first-party cookie lifetime.
Click ID capture
When a user arrives at your site from a paid ad, the ad platform appends a click ID to the URL. Datafly.js automatically extracts these on first visit:
| Parameter | Vendor | Example URL |
|---|---|---|
gclid | Google Ads | example.com/?gclid=EAIaIQobChMI... |
fbclid | Meta (Facebook) | example.com/?fbclid=IwAR3... |
ttclid | TikTok | example.com/?ttclid=E.CP... |
epik | example.com/?epik=dj0yJn... | |
ScCid | Snapchat | example.com/?ScCid=abc123 |
li_fat_id | example.com/?li_fat_id=abc123 |
Click IDs are critical for conversion attribution. They link a specific ad click to subsequent conversion events, enabling accurate ROAS reporting.
Click ID lifecycle
1. User clicks ad on Google
└─> Lands on: example.com/?gclid=EAIaIQobChMI...
2. Datafly.js extracts gclid from URL parameters
3. gclid is sent with the first event to Ingestion Gateway
4. Server stores gclid in Redis (keyed by anonymous_id)
└─> Also set as first-party cookie via Set-Cookie header
5. User later completes a purchase
└─> _df.track('Order Completed', { revenue: 99.99 })
6. Delivery Worker retrieves stored gclid for this user
└─> Sends to Google Ads API with the conversion event
7. Google Ads matches the conversion to the original clickServer-proxied enrichment
For vendors that require authenticated API access to resolve identity data, Datafly supports server-proxied enrichment. These calls happen server-side, not in the browser:
| Provider | What it does | Credential |
|---|---|---|
| Acxiom | Identity resolution and audience enrichment | API key |
| LiveRamp | ATS (Authenticated Traffic Solution) identity | API key + contract |
| UID2 | Unified ID 2.0 token generation | API key |
Server-proxied enrichment is configured per source in the management UI under Sources > Identity Enrichment. The credentials are stored securely and never exposed to the browser.
Storage
Vendor IDs are stored in multiple layers for resilience:
| Layer | Purpose | Lifetime |
|---|---|---|
| Server-set cookie | Primary storage, first-party, ITP-exempt | Per vendor (90 days — 2 years) |
| Redis (server) | Canonical store, keyed by anonymous_id | Per vendor TTL |
| localStorage (client) | Fallback if cookies are cleared | Until cleared |
The server-set cookie is the authoritative source. When Datafly.js loads, it first checks for the server-set cookie. If found, it uses that value. If not, it falls back to localStorage, and if that is also empty, it self-generates a new ID.
The _dfid cookie (the anonymous identity cookie) is set by the server via the Set-Cookie header with HttpOnly, Secure, and SameSite=Lax flags. This makes it exempt from Safari’s ITP 7-day expiration for client-set cookies. Vendor ID cookies follow the same pattern.
Per-source vendor modules
Not every site needs IDs for every vendor. In the management UI, you configure which vendors each source delivers to. Custom builds of Datafly.js only include the ID generation modules for the selected vendors.
For example, if a source only sends data to GA4 and Meta:
- Included: GA4
client_idparsing, Metafbp/fbcgeneration,gclidandfbclidcapture - Excluded: TikTok
ttp, Pinterest_pin_unauth, Snapchat_scid,ttclid,epik,ScCid
This reduces the script size and the number of cookies set on the domain.
Vendor IDs in the event payload
Vendor IDs are attached to the first event’s context.vendor_ids field:
{
"type": "page",
"context": {
"vendor_ids": {
"ga_client_id": "1234567890.1709312400",
"fbp": "fb.1.1709312400000.1234567890",
"gclid": "EAIaIQobChMI...",
"fbclid": "IwAR3..."
}
}
}After the first event, vendor IDs are stored server-side and are not re-sent with every event. The server retrieves them from Redis when preparing events for vendor delivery.