GDPR TCF v2 AMP Implementation

The IAB's Transparency and Consent Framework (TCF) was created in order to help digital advertising ecosystem comply with obligations under the GDPR and ePrivacy Directive. In this article, we will cover how to implement Sourcepoint's GDPR TCF v2 consent messaging solution with your AMP (Accelerated Mobile Pages) inventory

Additional information on utilizing the <amp-geo> component to ensure that consent is only required for regions where GDPR applies can be found here.‌

Requirements

In order to record and persist AMP consent for end-users using Safari browsers, your organization must set consent preferences in the first-party space. Click here for more information on how to set up a CNAME DNS record.‌

Recommendations

While the process to set up an AMP property is the same as any other web property (i.e. Sourcepoint currently does not have an AMP property type), it is strongly encouraged that your organization set up alternate properties to deliver messages on AMP pages.‌

Sourcepoint recommends this set up so that your organization can create separate vendor lists for your AMP pages. Examples of an AMP property name for the site www.example.com would be www.amp.example.com.‌

Restrictions

The following restrictions should be adhered to with your GDPR TCF v2 AMP implementation:‌

  • Be aware that AMP does not allow Javascript to be run in the AMP context. This restriction means that your organization cannot create any consent or reject action in a vendor list.

Click here for AMP implementation guidelines.

GDPR TCF v2 AMP implementation overview

The GDPR TCF v2 AMP implementation is comprised of three distinct parts:‌

GDPR TCF v2 AMP headers

Please add the following two scripts into your header:

//required to sync auth_id with publishers domain and Google.com domain
<script async custom-element="amp-analytics" src="https://cdn.ampproject.org/v0/amp-analytics-0.1.js"></script>
//required for the amp-consent component
<script async custom-element="amp-consent" src="https://cdn.ampproject.org/v0/amp-consent-0.1.js"></script>

<amp-analytics> component

Please include the following component in your implementation as is without any modification.

<amp-analytics>
<script type=application/json>
{
"linkers":{"authId":{"ids":{"_a":"CLIENT_ID(AMP-CONSENT)"},"enabled":true,"proxyOnly":false}},"cookies":{"enabled":true,"authId":{"value":"LINKER_PARAM(authId, _a)"}}
}
</script>
</amp-analytics>

The amp-consent component is where you will include the specific account and property details for your organization.

<amp-consent id="consent" layout="nodisplay">
<script type="application/json">
{
"consentRequired": "remote",
"consentInstanceId": "sourcepoint",
"checkConsentHref": "https://CNAME-SUBDOMAIN/wrapper/tcfv2/v1/amp-v2?authId=CLIENT_ID",
"promptUISrc": "https://CNAME-SUBDOMAIN/amp/index.html?authId=CLIENT_ID",
"postPromptUI": "consent-ui",
"cookies": {
"enabled": true,
"AMP-CONSENT": {
"value": "LINKER_PARAM(authId, _a)"
}
},
"clientConfig": {
"accountId": 22,
"propertyHref": "https://vince.tcfv2",
"propertyId": 9591,
"mmsDomain": "https://CNAME-SUBDOMAIN.com",
"privacyManagerId": 158995,
"isTCFV2": true,
"pmTab": "vendors",
"stageCampaign": false,
"targetingParams": {
"color": "red"
}
}
}
</script>
</amp-consent>

Below are the definitions for the parameters you need to deliver a TCF v2 AMP solution.

Parameter

Description

consentRequired

Parameter tells the <amp-consent> component to use code from a remote source. This parameter should always be set toremote.

ConsentInstanceId

Parameter tells the <amp-consent> component to use Sourcepoint code. This parameter should always be set tosourcepoint.

checkConsentHref

URL that will check the user's consent.

The format of the URL path is https://{CNAME SUBDOMAIN}/wrapper/tcfv2/v1/amp-v2 where {CNAME SUBDOMAIN} is the CNAME subdomain record previously created.

promptUISrc

URL that will return the post prompt user interface where users can change their consent.

The path should always be set to https://{CNAME SUBDOMAIN}/amp/index.html where {CNAME SUBDOMAIN} is the CNAME subdomain record previously created.

Note: Please include the ?authId=CLIENT_ID url parameter in the entry. This will allow consent preferences to be saved when your users arrive from a search.

postPromptUI

The page element that should be displayed to end-users to provide them with the ability to change their consent after they initially consent.

cookies

Required to store and persist consent across pages. This object should always be defined exactly as in the example:

"cookies":

"enabled": true,

"AMP-CONSENT": {

"value": "LINKER_PARAM)authId, _a"

}

},

uiConfig

An optional parameter that adds a light black overlay to the site behind the message experience. Can be used to deter end-user scrolling without engaging with your consent experience.

accountId

The accountId value associates the property with your organization's Sourcepoint account. Your organization's accountId can be retrieved by contacting your Sourcepoint Account Manager or via the My Account page in your Sourcepoint account.

propertyHref

This is the property created in the Sourcepoint UI that contains the message, scenario, partition and campaign. The property name should be preceded by the https:// protocol. Example: a property defined as amp.property.tcfv2 in your Dashboard should have a propertyHref parameter of https://amp.property.tcfv2.

propertyId

Maps the message to a specific property (website, app, OTT) as set up in the Sourcepoint account dashboard.

mmsDomain

Domain that will communicate with the Sourcepoint messaging service.

The format for the path of this parameter is https://{CNAME SUBDOMAIN} where {CNAME SUBDOMAIN} is the CNAME subdomain record previously created.

isTCFv2

Parameter tells the <amp-consent> component whether the implementation is for GDPR TCF v1 or GDPR TCF v2.

If the value for this parameter is false, the implementation will default to GDPR TCF v1 logic.

pmTab

Determines which tab is opened by default when the privacy manager is accessed.

The value for the parameter can either be vendors or purposes.

StageCampaign

A parameter that accepts a boolean value. When set to true, the implementation will display a GDPR TCF v2 messaging campaign configured for the stage environment.

targetingParams

Targeting params allow a developer to set arbitrary key/value pairs. These key/value pairs are sent to Sourcepoint servers where they can be used to take a decision within the scenario builder.

targetingParams: {

key1: valueA, key2: valueB }