first party cookie

First-Party Cookies in Pardot: FAQs About the New Beta

First-Party Cookies in Pardot: FAQs About the New Beta

min. reading

As part of the Salesforce Summer ’20 release, Pardot announced support for first-party cookies in an open beta.

Some Pardot users’ reaction to the news:

YAY!

The rest of Pardot users’ reactions:

Wait, what is this and do I care?

If you’re among the latter group… read on to learn what this is, why it matters, and how to enable it if you’re interested in joining the beta.

A browser cookie is a small bit of text that a website leaves with the browser so the website can ‘remember’ who you are. It’s kinda like when you give a valet your keys — they attach a number to your keys, keep them, and then they hand you the slip with the same number.  

When you come visit this website, Pardot sets a tracking cookie. The current embed code is using ‘go.pardot.com,’ so the tracking cookie is attached to the Pardot domain. From the point of view of our website, it’s a third party cookie, because it’s a Pardot branded cookie.

Continuing with the analogy — it’s like the valet is wearing a Pardot shirt. We’re asked them to hand out numbers to website visitors, but we’re not from the same company.

This is how it’s always been, but with the introduction of first-party cookies in Pardot, we can do this a different way. Instead, we can use our own domain for setting the Pardot tracking cookie and generate First-Party tracking cookies. It’s as if the valet is now wearing a shirt with our brand on it.

Why do first-party cookies matter?

In a word? Trust.

Right now both Firefox and Safari don’t ‘trust’ third-party cookies. We don’t get prospect tracking if prospects are using these browsers. In the future, Chrome will no longer support third party cookies.  

Switching from third party to first party cookie tracking improves the security of the internet. It’s a huge shift — but browsers are making this difficult transition happen, and marketers need to keep pace.

Who is eligible for the beta?

All Pardot instances. This is an OPEN BETA which means you can opt yourself in.

Beta features are called that because they may not be perfect yet. There is a risk that things go horribly wrong (okay horribly may be hyperbole, but you get the idea.)

If it’s difficult for you to make changes to your website quickly, maybe skip the beta or at least don’t participate early. 

Not all features of Pardot may be supported in a beta, for example, Help & Training states that iframed forms will not be tracked during the beta under First Party Cookies in some circumstances.

What do I need to do to sign up for the beta?

You can self-service enable this in your own account. Here’s the step-by-step:

1. Enable first-party tracking beta in account settings

In Pardot, go to your Account Settings, and click Edit.

Near the bottom of the first section you will find a checkbox for First-Party Tracking (BETA). Enable the checkbox. 

When you check the box, a couple new options will appear. For now, leave the Enable third-party cookies checked, as we don’t want to break anything already deployed.

Scroll down a bit more, and click Save Account.

2. Update or create existing tracker domains

Next, go to Admin > Domain Management.

Look for the tracker domain you want to use First-Party tracking with, then click on the domain. In our example, we are going to turn it on for tracker-example.sercante.com.  

Note: First-Party Tracking will only work if the subdomain of the website in Pardot matches the domain of website you’re embedding the tracking on.

Example: for the subdomain www.sercante.com the domain is sercante.com, and for the subdomain tracker-example.sercante.com the domain also is sercante.com. The 2 match, so First-Party Tracking works.

Click the gear icon to edit.

If you don’t already have a Default Campaign, choose one now.

Click Update Tracker Domain.

3. Put the first-party tracking code on your website

Ok great, now you have your Tracker Domain setup! It is time to get the tracking code that you will put on the website.

In Pardot, go back to your list of tracker domains. Scroll down to the bottom and there is a section for Tracking Code Generator.

Pick the tracker domain you want to generate code for, and optionally, change the campaign. Paste this code in your website CMS, Google Tag Manager, or wherever you currently have your Pardot tracking code placed.

What does this new tracking code do?

You may notice that this code looks slightly different than what you currently have on your website. What this code (Javascript) does is sets up 3 key pieces of information and then tries to load the actual Pardot tracking code.

piAId = your Pardot Account ID. This will not change for any tracking code used for this Pardot Business Unit / Instance

piCId = an optional override of the Campaign Id used for tracking the source campaign for new conversions

piHostname = the tracker domain that is used later in the script to download the real tracking code.

This is essentially what Pardot needs to track visitor activity on your specific website, linked back to your specific Pardot account.

Are there any gotchas with first-party cookies in Pardot?

If you have multiple domains, be aware that with first party cookie tracking, converting a prospect on one of your sites will no longer track prospect activity on your other website(s) automatically.

For example: the cookies at Sercante.com will no longer trace user activity at TheSpotForPardot.com. Both can have first party cookies embedded, but visitor association would need to take place on both sites to track prospects across both.

Wait, is this a good thing or a bad thing?

Both. And neither?

The move toward first party cookies poses new challenges for marketers, but is a win for data privacy and for us as individuals. While this is an optional change now, many browsers are starting to block third party cookies altogether or have announced timelines when they’ll start doing so — so better to get ahead of this now.

Firefox and Safari already block third party cookies. If you have a larger Safari/Firefox user base, this is exactly the magic we have been waiting for.

Chrome is not far behind. They delayed their timeline for rollout as a repreive for marketers during COVID-19, but are planning to gradually phase third part cookies out altogether.

Have you enabled it, and have a story to share? Thinking about enabling it, and still have more questions?

Let us know in the comments!

Subscribe to The Spot

This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is hidden when viewing the form
This field is for validation purposes and should be left unchanged.

Upcoming Salesforce Events

Salesforce Training Courses

Categories

Top 5 Recent Posts

  • Adam Erstelle is a Developer with Sercante. He loves learning about and solving really interesting challenges with Pardot and Salesforce often by building some cool tools.

  • Comment (8)
  • Thanks for this write-up! It’s funny, we had seen a dramatic drop-off in the amount of page view activity appearing in Engagement History and I was investigating why. I experimented with altering the piHostname and s.src lines of the tracking code to replace the “pi.pardot.com” with our own company tracking domain. And now I’m seeing the visit activity again!

    However, I haven’t actually enabled first party cookies within Pardot yet, so a little unsure of the full-impact for now… do you have any thoughts on this?

    • I don’t know the implications on this.

      The javascript embed code old to new is the same other than the new domain name. So you should be good on that part.

      There are a few options when you turn this feature on that you can select. From your description Pardot is acting like it is operating under the default options when we turn this feature on.

      Using software features outside of documented process has risk. This may work for you today, and tomorrow maybe something gets changed and it will stop working as it currently is.

      I am now curious and want to test what you are seeing. Thanks for the comment!

      • I’ve actually gone right ahead and enabled first-party cookies now, leaving third-party cookies enabled as we have Pardot forms embedded on our blog posts.

        What I find interesting is that I see two almost identical calls to /analytics.js from pi.pardot.com and our company tracker domain (because of the 3rd party cookies being enabled?). The former is blocked by adblockers and the latter not. So progress at least.

        Looking forward to see how this develops over the next few months!

    • The new method is intended to replace the old, so you’ll want to swap them, at the very least to minimize clutter in your code. And keep in mind the legacy method won’t work as well in the future, as browsers continue to update their security features.

    • I’m not aware of any performance differences. Pardot’s legacy tracking code was set to run asynchronously, after everything else on the page had completed, so I think page-load impact was largely minimized that way. I’ll be curious if any differences show up in the metrics!

Leave Your Comment

Related Articles

Bot Single Post