Guides
  1. tracking-script

Cross-Domain Tracking

Overview

By default, the tracking script identifies visitors via first-party cookies, which are scoped to a single domain. If your visitor journey spans multiple domains (e.g., shop.example.comcheckout.payment.com), the visitor appears as a new visitor on each domain.

Cross-domain tracking solves this by passing the visitor's identity from one domain to another via URL parameters.

How It Works

When cross-domain tracking is enabled in the project settings:

  1. The tracking script decorates outbound links with visitor cookie data as query parameters
  2. When the visitor arrives on the destination domain, the tracking script reads these parameters
  3. The visitor identity, session, and bucketing data are restored from the URL instead of cookies

URL Parameters Used

ParameterContains
_conv_vVisitor cookie data (visitor ID, bucketing, goals, segments)
_conv_sSession cookie data
_conv_sptestSplit test data (if applicable)

When these parameters are present in the URL, they override any existing cookies on the destination domain.

Enabling Cross-Domain Tracking

Enable the "Allow cross-domain tracking" setting in your Convert project configuration. The tracking script will then automatically:

  1. Detect links to other domains in your page
  2. Append the visitor parameters to those links
  3. Read and restore visitor data from URL parameters on page load

Cookie Domain Configuration

For subdomains of the same root domain (e.g., www.example.com and shop.example.com), you may not need cross-domain tracking at all. Instead, configure the cookie domain in your project settings to the root domain (e.g., .example.com). This allows cookies to be shared across all subdomains automatically.

Security Considerations

  • URL parameters containing visitor data are not encrypted but contain no personally identifiable information — only a random visitor ID and experimentation state
  • Parameters are automatically URL-encoded
  • The visitor ID is a random hash, not tied to any personal data
  • Consider using HTTPS to prevent parameter interception in transit

Limitations

  • Cross-domain linking only works when the visitor navigates via a decorated link. Direct URL entry or bookmarks won't carry the parameters.
  • If the destination domain doesn't have the Convert tracking script installed, the parameters are ignored.
  • JavaScript-initiated navigation (e.g., window.location.href = url) may not be automatically decorated — you may need to append parameters manually in such cases.

Updated about 1 month ago