AMP Implementation TCF Version 2.0 Overview with CNAME

This document provides guidance on how to integrate the Sourcepoint CMP (Consent Management Platform) with your AMP (Accelerated Mobile Pages) inventory for the IAB's Transparency and Consent Framework version 2.0. To perform this integration you should have some level of technical knowledge and access to update the AMP website code.

The process for setting messages, scenarios, partitions and campaigns is the same as the process for setting up any consent messaging campaign. However, the process for setting up properties, vendor lists and privacy manager may differ.

Setting Up An AMP Property

The process for setting up an AMP property is generally the same as the process for setting up a property for any other messaging campaign. It is recommended that you set up an alternate property to deliver messages on AMP pages. This will allow you to set up separate vendor lists for AMP pages. Examples of an AMP property name for the site www.example.com would be www.amp.example.com and amp.example.com.

For more information on how to create a new property, please visit the Creating Properties article.

Setting Up A Message

Messages for AMP are created using the Sourcepoint's new Message Builder 2 product. For more information on creating a message using Message Builder 2, please visit the "How to Create a Message Version" in version 2 of the messaging section.

Setting Up A Scenario

The process for setting up scenario for an AMP page is basically the same except that for an AMP scenario you do not include a Consent Gate option. The AMP consent component knows whether or not the user has previously consented based on the value stored in local storage in the browser.

For more information on creating scenarios, please visit the Creating Scenarios article.

Setting Up Partitions And Campaigns

The process for setting up partitions and campaigns for AMP is the same as for other campaigns. For more information on on partitions, please the Creating Partitions article.

Setting Up Vendor Lists And Privacy Managers

There is only one minor difference in setting up a vendor list for AMP pages. For AMP pages, you should not create any consent or reject actions in vendor lists.

Setting up the CNAME DNS Records

In order for the AMP consent to be persistently recorded in Safari we need to set the consent preferences in the first-party space. To accomplish this, you need to set up two CNAME DNS records.

For TCF version 2 AMP your will have a dedicated subdomains that will correspond with your Sourcepoint account number. For example, if your account ID is 222 you will create a CNAME record for your API CNAME to api-222.privacy-mgmt.com and cdn-222.privacy-mgmt.com for your CDN CNAME.

API CNAME - The API CNAME record is for our consent server APIs where the consent record is stored. For an account ID of 222, the CNAME should be set up so that it points to api-222.privacy-mgmt.com.

CDN CNAME - The CDN CNAME is for the post prompt user interface where users can change their consent preferences. The second CNAME record should point to cdn-222.privacy-mgmt.com. This CNAME will ensure that consent choices made from the post prompt user interface (privacy manager) are executed in a first-party space.

After you have set up the CNAME records, please contact your Sourcepoint Account manager. They will then make sure the appropriate SSL certificates are set up on the Sourcepoint side.

Both of these CNAME records will be referenced in the configuration parameters. The checkConsentHref with reference the API CNAME and the promptUISrc parameter will reference the CDN CNAME.

Integrating Sourcepoint CMP Code Into Your AMP Website for TCF Version 2.0

After you have created a property in the Sourcepoint user interface, you can integrate the Sourcepoint CMP into your AMP website by using the amp-consent component, and inserting the proper attributes in the amp-consent component tags. The tag can be placed in the <body> or <head> of the page.

The example code below is for an example campaign running in the Sourcepoint account. It uses a API CNAME record of sp-api.example.com and a CDN CNAME record of sp-cdn.example.com with their respective accountId, siteName, siteId and privacyManagerId values for that account. If you swap these for the values related to your account (i.e. API CNAME and CDN CNAME) you will be able to display messages. You MUST use your own CNAME records in order for the solution to work properly.

<amp-consent id='consent' layout='nodisplay' >
<script type="application/json">
{
"consentRequired": "remote",
"consentInstanceId": "sourcepoint",
"checkConsentHref": "https://sp-api.example.com/tcfv2/v1/amp",
"promptUISrc": "https://sp-cdn.example.com/",
"postPromptUI": "consent-ui",
"clientConfig": {
"accountId": 1319,
"propertyHref": "https://amp.property.tcfv2",
"propertyId": 9386,
"privacyManagerId": 155199,
"isTCFV2": true,
"pmTab": "purposes",
"stageCampaign": false,
"targetingParams": {
"color": "red"
}
}
}
</script>
</amp-consent>

Below are the definitions for the parameters you need to deliver a TCF v2 AMP solution.

  • consentRequired - This tells the AMP consent component to use code from a remote source. This should always be set to "remote"

  • consentInstanceId - This tells the AMP consent component to use the Sourcepoint code. This should always be set to "sourcepoint".

  • checkConsentHref - This URL that will check the user's consent. The path for this URL will leverage the API CNAME record from the "Setting up the CNAME DNS Records" section of the document. The format of the URL path is https://{API CNAME SUBDOMAIN}/tcfv2/v1/amp where {API CNAME DOMAIN} would be replaced by the API CNAME subdomain record created.

  • promptUISrc - This is the URL that will return the post prompt user interface where user's can change their consent. The path should always be set to "https://{CDN CNAME SUBDOMAIN}/" where {CDN CNAME SUBDOMAIN} would be replaced by the CDN CNAME subdomain record previously created.

  • postPromptUI - This is the page element that should be displayed to users to provide them with the ability to change their consent after they initially consent.

  • accountId - This corresponds with your Sourcepoint account ID.

  • propertyHref - This is the property created in the Sourcepoint UI that contains the message, scenario, partition and campaign. The property name should be preceded by the "https://" protocol. For example, a property defined as "amp.property.tcfv2" in the UI should have a propertyHref parameter of "https://amp.property.tcfv2".

  • propertyId - The ID of the property on which the message is supposed to be served. You can get the property from the address bar at the end of the URL.

  • privacyManagerId - The ID of the privacy manager to be associated with the postPromptUI element. The ID of the privacy manager can be obtained from the Privacy Manager create window (see screenshot below.

  • isTCFV2 - This needs to be set to True. It tells the AMP consent component to use the Sourcepoint CMP code associated with the IAB's TCF version 2.0.

  • pmTab (optional) - This tells the code which tab in the privacy manager should be opened when the privacy manager is accessed by the site visitor. The default value is "purposes". Possible values are:

    • purposes

    • vendors

    • features

    • stageCampaign (optional) - The campaign that you want to show. In the production environment this is generally set false, but it may be set to true if you want to test and alternate campaign that is in the stage environment. The default value is false.

  • targetingParams (optional) - This is where you can set up additional key-value pairs for additional targeting. In the example above, the key being sent is "color" and the value is "red".

Creating The postPrompt UI

The postPrompt UI is the button or other element a user can click on the resurface a privacy manager after the user has made a consent choice. The ID of the element must correspond to the ID set in the config tag for the postPromptUI parameter.

The UI is constructed from available AMP HTML elements directly on the page. After the user has interacted with the consent message, the postPromptUI will be displayed. The elements for the postPrompt UI need to placed within the the component. Below is example code for a simple postPromptUI element.

<div id="consent-ui">
<button on="tap:consent.prompt(consent=SourcePoint)">Manage privacy settings</button>
</div>