Cookies and localStorage in the Optimizely snippet

Last updated
Save as PDF

Skip Ahead

Cookies
1. First-party cookies in Optimizely X
2. Third-party cookies in Optimizely X
localStorage
1. Keys set by Optimizely X Web
2. Origins

THIS ARTICLE WILL HELP YOU:

Familiarize yourself with the first-party cookies used by Optimizely X
Understand when visitors are cookied

Optimizely uses persistent visitor-level cookies and localStorage to uniquely identify visitors, track their actions, and deliver consistent experiences across page loads. It sets a number of cookies, each storing a different set of data.

Use this article to understand the details of Optimizely's cookies. But take care not to directly reference the cookies and localStorage keys in code, as the specific data format and the cookies themselves may change over time and break your experiences. Instead, use the JavaScript API for Optimizely X Web.

If your Optimizely X account uses custom snippets, you might see more than one snippet listed for your projects.

Beginning with iOS 12.2 and Safari 12.1 on macOS High Sierra and Mojave, Intelligent Tracking Protection 2.1 is the new default behavior. All client-side cookies (in other words, cookies set from JavaScript via `document.cookie`) will have a maximum 7-day expiry period.

Please read Intelligent Tracking Protection and Optimizely for more information and potential mitigations.

Cookies

Optimizely X uses first-party cookies.

Please note that only two of the cookies below are used in Optimizely X: optimizelyEndUserId and optimizelyRedirectData.

Important:

When developing experiences on your site, it's important to use the JavaScript API.

Take care not to reference the cookies and localStorage keys directly, as they may change at any time.

First-party cookies in Optimizely X

In Optimizely X, you can use our JavaScript API to set cookie domain. You can also use the API to set cookie expiration and to enable or disable the extend cookie lifetime function.

optimizelyEndUserId

What: Stores a visitor's unique Optimizely identifier. It's a combination of a timestamp and random number. No other information about you or your visitors is stored inside.
Example: oeu1383080393924r0.5047421827912331
Expiration: 6 months from last page visit, or a period of your choice (per the setCookieExpiration and extendCookieLifetime APIs)

optimizelyRedirectData

What: After Optimizely has executed a redirect experiment, stores various data from the original page so that Optimizely still has access to it on the new page.
Expiration: 5 seconds

Third-party cookies in Optimizely X

Optimizely X does not set third-party cookies.

Date created: 6/3/2016

Technical skills needed to implement this solution: Familiarity with browser developer tools

What's the problem?

3rd party cookies are not present within the Resources tab of the browser developer tools.

Solution:

Instead of using the Resource tab within the browser developer tools, you'll have to look into the Network panel for a request sent as part of a goal conversion.

Open up the browser developer tools --> Network
Fire off Optimizely request
Click on the request --> Headers --> Request Headers --> Look for the strings bucket_map and end_user_id
Alternatively, you can click on the Request --> Cookies and look for the strings bucket_map and end_user_id

Why is this information internal-only, and not customer facing?

This is not really information that needs to be digested by a large customer base. 3rd party cookies are more for cross-domain tracking (which works inconsistently), as well as reconciling user actions within our Backend.

localStorage

Optimizely stores data under the following keys in localStorage.

Keys set by Optimizely X Web

The following are keys set by Optimizely X Web Experimentation and Personalization.

Important:

When developing experiences on your site, it's important to use the JavaScript API. Here are resources for Optimizely X Web.

Take care not to reference the cookies and localStorage keys directly, as they may change at any time.

The 'visitorId' part of the keys below is a combination of a timestamp and random number. No other information about you or your visitors is stored inside.

optimizelyData$${visitorId}$${projectId}$$event_queue

What: Stores event instances that are waiting to be added to the previous ...$$events key.

optimizelyData$${visitorId}$${projectId}$$events

What: Stores event instances that describe actions the visitor has taken on your website.

optimizelyData$${visitorId}$${projectId}$$layer_states

What: Records whether each layer (also called a "campaign") is active or not in Optimizely Personalization.

optimizelyData$${visitorId}$${projectId}$$session_state

What: Tracks the session identifier and timestamp, which helps Optimizely identify sessions for analytics purposes.

optimizelyData$${visitorId}$${projectId}$$variation_map

What: Records the variation that the visitor has seen for each experiment. This allows us to deliver a consistent experience on successive page loads.

optimizelyData$${visitorId}$${projectId}$$visitor_profile

What: Stores the visitor's values for various audience conditions. This is particularly important for "sticky" conditions like Ad Campaign, Source Type, and Referrer for which we need to rely on the first observed value.

optimizelyData$${visitorId}

optimizelyData$${visitorId}$$events

optimizelyData$${visitorId}$$event_queue

optimizelyData$${visitorId}$$layer_states

optimizelyData$${visitorId}$$session_state

optimizelyData$${visitorId}$$visitor_profile

optimizelyData$${visitorId}$$variation_map

These are keys that we used to set, in Classic and/or New Optimizely. The snippet no longer sets data under these keys, for visitors who originally received data for these keys, the snippet is slowly migrating their data over to the new keys.

Origins

Unlike cookie data, localStorage is scoped to a single "origin." An “origin” is a combination of a specific hostname, protocol, and port on your site. Two pages have the same origin if the protocol, port (if one is specified), and host are the same for both pages.

Here's an example of pages that don't have the same or different origins as https://shop.example.com:

http://shop.example.com (different security protocol)
https://example.com (different subdomain)

You'll find that the documented localStorage keys are set on every domain that uses Optimizely X Web.

In order for Optimizely to recognize visitors across your pages and deliver consistent experiences, we replicate each visitor's data on all of your subdomains by routing it through another origin: https://a{yourAccountId}.cdn.optimizely.com/. Your visitors' data will be set on that origin as well, and on every page load with an Optimizely snippet on it, Optimizely makes an async call to this origin to sync this data. This will sync information across origin as well as across subdomains. Read more about tracking events across domains in Optimizely X Web.

Optimizely does not combine visitor data from multiple projects.