Upgrading an existing TCF v1 Configuration to TCF v2_Archived


This article has been replaced with a new and simplified version of the regular documentation for the TCFv2 set up and configuration. Please refer to the newest version to start your TCFv2 implementation. If you already implemented with the below setup we encourage you to review the updated documentation. However, your current implementation remains fully functional with the below configuration.


Sourcepoint's solution for TCF v2 is designed to seamlessly upgrade existing TCF v1 configurations. All TCF v2 user facing elements can be created and managed with the Message Builder v2 which was developed with a view on providing a path to upgrade TCF v1 configurations to the new framework.

Please note: The Sourcepoint proprietary client-side javascript library does not introduce any breaking changes with upgrading to TCF v2. However, the IAB TCF v2 consent library does utilize a new set of functions and generates the "Transparency and Consent String" (TC String) in a different format than the TCF's v1 "daisybit". This means that all consent information collected from users prior to upgrading to TCF v2 will become ineffective and users a being presented with a new TCF v2 compliant consent notification at the time of the upgrade.

The following guide describes the required changes to the Sourcepoint code snippet to upgrade an existing TCF v1 configuration to TCF v2. In order to show a TCF v2 compliant user experience additional setup steps may need to be taken in your Sourcepoint account dashboard.

This guide is based on the standard configuration for the GDPR & TCF v1 implementation:

<script type="text/javascript">
(function () { var e = false; var c = window; var t = document; function r() { if (!c.frames["__cmpLocator"]) { if (t.body) { var a = t.body; var e = t.createElement("iframe"); e.style.cssText = "display:none"; e.name = "__cmpLocator"; a.appendChild(e) } else { setTimeout(r, 5) } } } r(); function p() { var a = arguments; __cmp.a = __cmp.a || []; if (!a.length) { return __cmp.a } else if (a[0] === "ping") { a[2]({ gdprAppliesGlobally: e, cmpLoaded: false }, true) } else { __cmp.a.push([].slice.apply(a)) } } function l(t) { var r = typeof t.data === "string"; try { var a = r ? JSON.parse(t.data) : t.data; if (a.__cmpCall) { var n = a.__cmpCall; c.__cmp(n.command, n.parameter, function (a, e) { var c = { __cmpReturn: { returnValue: a, success: e, callId: n.callId } }; t.source.postMessage(r ? JSON.stringify(c) : c, "*") }) } } catch (a) { } } if (typeof __cmp !== "function") { c.__cmp = p; __cmp.msgHandler = l; c.addEventListener("message", l, false) } })();
window._sp_ = {
config: {
mmsDomain: "https://message{accountIdHere}.sp-prod.net",
cmpOrigin: "https://sourcepoint.mgr.consensu.org",
<script src="https://dialogue.sp-prod.net/messagingWithoutDetection.js"></script>

1. Replace the IAB Stub file with the TCF v2 version

The first section of the snipped contains the so called IAB Stub file, which queues all calls into the consent API and releases them once the consent signal is available. Since the TCF v2 replaces the "__cmp" onsite API with the "__ tcfapi" function, the TCF v1 stub file needs to be replaced with the following TCF v2 version:

<script type="text/javascript">
!function () { var e = function () { var e, t = "__tcfapiLocator", a = [], n = window; for (; n;) { try { if (n.frames[t]) { e = n; break } } catch (e) { } if (n === window.top) break; n = n.parent } e || (!function e() { var a = n.document, r = !!n.frames[t]; if (!r) if (a.body) { var i = a.createElement("iframe"); i.style.cssText = "display:none", i.name = t, a.body.appendChild(i) } else setTimeout(e, 5); return !r }(), n.__tcfapi = function () { for (var e, t = arguments.length, n = new Array(t), r = 0; r < t; r++)n[r] = arguments[r]; if (!n.length) return a; if ("setGdprApplies" === n[0]) n.length > 3 && 2 === parseInt(n[1], 10) && "boolean" == typeof n[3] && (e = n[3], "function" == typeof n[2] && n[2]("set", !0)); else if ("ping" === n[0]) { var i = { gdprApplies: e, cmpLoaded: !1, cmpStatus: "stub" }; "function" == typeof n[2] && n[2](i) } else a.push(n) }, n.addEventListener("message", (function (e) { var t = "string" == typeof e.data, a = {}; try { a = t ? JSON.parse(e.data) : e.data } catch (e) { } var n = a.__tcfapiCall; n && window.__tcfapi(n.command, n.version, (function (a, r) { var i = { __tcfapiReturn: { returnValue: a, success: r, callId: n.callId } }; t && (i = JSON.stringify(i)), e.source.postMessage(i, "*") }), n.parameter) }), !1)) }; "undefined" != typeof module ? module.exports = e : e() }();

2. Replace the cmpOrigin endpoint

cmpOrigin is the endpoint from where the GDPR & TCF service is available. The endpoint for TCF v1 needs to be replaced with the following wrapperAPIOrigin endpoint for TCF v2:

wrapperAPIOrigin: "https://wrapper-api.sp-prod.net/tcfv2"

3. Upgrade to the TCF v2 client-side javascript library

At a high level the TCF v2 client-side javascript library contains the new IAB consent library, logic to serve TCF v2 compliant consent notifications and store user consent signals in the Sourcepoint database. As for TCF v1 Sourcepoint provides a hosted solution for serving the client-side javascript library using AWS' Cloudfront CDN. To upgrade to the TCF v2 the client-side javascript library needs to be upgraded with the following endpoint:

<script src="https://gdpr-tcfv2.sp-prod.net/wrapperMessagingWithoutDetection.js"></script>

4. Remove quotation marks from accountId parameter

While the old TCFv1 script was able to interpret string values in the configuration the new TCFv2 script is only able to work with numbers. Therefore any accountID parameters using quotation marks must be change. For example accountId: "123" must be changed to accountId: 123