Server-side Cookies

Ensure accurate long-term user tracking and attribution by setting server-side cookies in the RudderStack JavaScript SDK.

  •   2 minute read  

You can now set server-side cookies in the JavaScript SDK, ensuring users are tracked across sessions over time, even when browsers expire client-side cookies.

Web browsers are increasingly implementing user tracking restrictions. For example, Safari’s Intelligent Tracking Prevention (ITP) automatically expires client-side, third-party cookies after 7 days. Suppose one of your visitor’s cookies expire and they return to your website. In that case, RudderStack’s JavaScript SDK sees them as a new user and assigns them a new unique anonymousId- this can create challenges for customer journey tracking, attribution analytics, and identity resolution because the ID and session data would show two users when, in reality, it is the same user returning to your website.

With this release, you can configure the JavaScript SDK to set server-side cookies, which aren’t subject to the client-side cookie expiration timelines enforced by Safari and other browsers.

Read our server-side cookies documentation for more information on this feature.

Workflow

To implement server-side cookies, set theuseServerSideCookies option to true while loading the JavaScript SDK.

rudderanalytics.load(WRITE_KEY, DATA_PLANE_URL, {
  useServerSideCookies: true // Default is false
});
info

Setting server-side cookies requires that you make the cookie request to your website domain.

Most customers use a proxy, but the SDK also supports custom implementations.

How it works

The JavaScript SDK makes explicit POST requests to the server to set cookies via the /rsaRequest endpoint:

The response includes Set-Cookie headers which set the rl_anonymous_id cookie (user’s anonymousId value which is persisted through the server-side cookie).

Questions? Contact us by email or on Slack