Familiarize yourself with the first-party cookies used by Optimizely X
Understand when visitors are cookied
Optimizely uses persistent visitor-level cookies and localStorage to uniquely identify visitors, track their actions, and deliver consistent experiences across page loads. It sets a number of cookies, each storing a different set of data.
Use this article to understand the details of Optimizely's cookies. But take care not to directly reference the cookies and localStorage keys in code, as the specific data format and the cookies themselves may change over time and break your experiences. Instead, use the JavaScript API for Optimizely X Web.
If your Optimizely X account uses custom snippets, you might see more than one snippet listed for your projects.
Beginning with iOS 12.2 and Safari 12.1 on macOS High Sierra and Mojave, Intelligent Tracking Protection 2.1 is the new default behavior. All client-side cookies (in other words, cookies set from JavaScript via `document.cookie`) will have a maximum 7-day expiry period.
As of version 80, Chrome browser introduces a policy when cookies with SameSite=none attribute and without the Secure attribute will not be allowed. This doesn't impact any Optimizely cookies because we only read our cookies in first-party contexts and have no issue with the new default of SameSite=Lax that's used by Chrome. You can find more information about the topic here.
optimizelyEndUserId
What: Stores a visitor's unique Optimizely identifier. It's a combination of a timestamp and random number. No other information about you or your visitors is stored inside.
What: After Optimizely has executed a redirect experiment, stores various data from the original page so that Optimizely still has access to it on the new page.
Expiration: 5 seconds
optimizelyDomainTestCookie
What: When Optimizely loads a URL, the snippet places the cookie to get the current domain, for the purpose of whether cross-domain syncing is possible. If successful the cookie is immediately removed.
Expiration: 6 months. ~ but cookie is removed by Optimizely immediately after the set action is successful.
Third-party cookies in Optimizely X
Optimizely X does not set third-party cookies.
Date created: 6/3/2016
Technical skills needed to implement this solution: Familiarity with browser developer tools
What's the problem?
3rd party cookies are not present within the Resources tab of the browser developer tools.
Solution:
Instead of using the Resource tab within the browser developer tools, you'll have to look into the Network panel for a request sent as part of a goal conversion.
Open up the browser developer tools --> Network
Fire off Optimizely request
Click on the request --> Headers --> Request Headers --> Look for the strings bucket_map and end_user_id
Alternatively, you can click on the Request --> Cookies and look for the strings bucket_map and end_user_id
Why is this information internal-only, and not customer facing?
This is not really information that needs to be digested by a large customer base. 3rd party cookies are more for cross-domain tracking (which works inconsistently), as well as reconciling user actions within our Backend.
localStorage
Optimizely stores data under the following keys in localStorage.
Keys set by Optimizely X Web
The following are keys set by Optimizely X Web Experimentation and Personalization.
Important:
When developing experiences on your site, it's important to use the JavaScript API. Here are resources for Optimizely X Web.
Take care not to reference the cookies and localStorage keys directly, as they may change at any time.
The 'visitorId' part of the keys below is a combination of a timestamp and random number. No other information about you or your visitors is stored inside.
What: Stores the visitor's values for various audience conditions. This is particularly important for "sticky" conditions like Ad Campaign, Source Type, and Referrer for which we need to rely on the first observed value.
What: Temporary storage of XMLHttpRequest information, enabling the snippet to reliably send requests (e.g., to the Event API) even if the visitor navigates to a new page while a request is in progress.
optimizelyData$${visitorId}
optimizelyData$${visitorId}$$events
optimizelyData$${visitorId}$$event_queue
optimizelyData$${visitorId}$$layer_states
optimizelyData$${visitorId}$$session_state
optimizelyData$${visitorId}$$visitor_profile
optimizelyData$${visitorId}$$variation_map
These are keys that we used to set, in Classic and/or New Optimizely. The snippet no longer sets data under these keys, for visitors who originally received data for these keys, the snippet is slowly migrating their data over to the new keys.
Origins
Unlike cookie data, localStorage is scoped to a single "origin." An “origin” is a combination of a specific hostname, protocol, and port on your site. Two pages have the same origin if the protocol, port (if one is specified), and host are the same for both pages.
Here's an example of pages that don't have the same or different origins as https://shop.example.com:
You'll find that the documented localStorage keys are set on every domain that uses Optimizely X Web.
In order for Optimizely to recognize visitors across your pages and deliver consistent experiences, we replicate each visitor's data on all of your subdomains by routing it through another origin: https://a{yourAccountId}.cdn.optimizely.com/. Your visitors' data will be set on that origin as well, and on every page load with an Optimizely snippet on it, Optimizely makes an async call to this origin to sync this data. This will sync information across origin as well as across subdomains. Read more about tracking events across domains in Optimizely X Web.
Optimizely does not combine visitor data from multiple projects.
