Script Installation

The eConsent tracker is a lightweight JavaScript file that loads a compiled Rust-to-WebAssembly (WASM) module in the browser.

Installing the eConsent Tracker

Watch how to install the tracker script via Google Tag Manager and direct code, configure consent types, and verify the installation.

~4 min

On form submission, it extracts consent elements, captures a session recording via rrweb, and generates a tamper-proof certificate.

Installation methods

Google Tag Manager (Recommended)

1. Open your GTM container and navigate to Tags > New.

2. Select Custom HTML as the tag type.

3. Paste the tracker script:

   <script src="https://d13jv0uulndum1.cloudfront.net/cdn/tracker.min.js"
           data-company="COMPANY_ID"
           data-property="PROPERTY_ID">
   </script>

   Replace COMPANY_ID and PROPERTY_ID with your actual values from the dashboard.

4. Set the trigger to All Pages (Page View), or restrict to specific pages that contain consent forms.

5. Click Submit > Publish to deploy the tracker.

Direct Code

Add the tracker script to the <head> section of every page that contains a consent form:

<!DOCTYPE html>
<html>
<head>
  <title>Your Website</title>

  <!-- eConsent Tracker -->
  <script src="https://d13jv0uulndum1.cloudfront.net/cdn/tracker.min.js"
          data-company="COMPANY_ID"
          data-property="PROPERTY_ID">
  </script>

</head>
<body>
  <!-- Your content -->
</body>
</html>

Replace COMPANY_ID and PROPERTY_ID with your actual values from the dashboard.

Note

The tracker CDN URL is https://d13jv0uulndum1.cloudfront.net/cdn/tracker.min.js. Configuration is passed entirely through data- attributes on the script tag. No separate initialization call is required.

Script attributes

Attribute	Required	Description
data-company	Yes	Your eConsent Company ID
data-property	Yes	Your Property ID for the website being tracked

Consent types

eConsent supports five consent types that correspond to TCPA contact methods:

Consent type	Description
TEXT	SMS/text message consent
EMAIL	Email marketing consent
CALL	Phone call consent
AUTODIALER	Automated dialing system consent
PRERECORDED	Pre-recorded message consent

These types are used in the data-consent-type HTML attributes described below.

Tagging consent elements

Add data-consent-type attributes to the HTML elements that represent consent on your page. eConsent recognizes four categories:

<!-- Primary consent language (displayed to the user) -->
<p data-consent-type="main-implied">
  By submitting this form, you consent to receive calls, texts, and emails
  at the contact information provided, including by autodialer.
</p>

<!-- Primary opt-in checkbox (requires user interaction) -->
<input type="checkbox" data-consent-type="main-explicit" />
<label>I agree to the Terms of Service and consent to be contacted</label>

<!-- Secondary/partner consent language -->
<p data-consent-type="secondary-implied">
  Your information may be shared with our network of lending partners.
</p>

<!-- Secondary opt-in checkbox -->
<input type="checkbox" data-consent-type="secondary-explicit" />
<label>I consent to receive offers from our partners</label>

Tip

You can also map consent elements visually using the Consent Selector tool in the dashboard, which avoids the need to modify your HTML directly.

Hidden form field

Add a hidden input to every form where you collect consent. The tracker automatically populates this field with the certificate ID on form submission:

<input type="hidden" id="econsent_hidden" name="econsent_hidden" value="">

This allows you to associate the eConsent certificate with the lead record in your CRM or lead management system.

JavaScript API

After the tracker initializes, you can access session and certificate data programmatically:

// Session ID
window.econsentState.session_id

// Certificate ID
window.econsentState.certificate

The tracker also sets two browser cookies:

• econsent_session: the current session ID
• econsent_certificate: the certificate ID after generation

Auto-tracking

The tracker automatically captures certain elements without explicit tagging:

Auto-tagged elements

Elements that match either of these conditions are automatically tracked:

• The element’s id attribute starts with econsent- (e.g., id="econsent-phone")
• The element has the attribute data-econsent="true"

Core PII fields

The following PII fields are always captured (values are hashed for privacy):

• First name, last name
• Email address
• Phone number
• Street address, city, state, ZIP code

Whitelisted fields

Any additional fields beyond core PII and auto-tagged elements must be explicitly whitelisted using the Whitelist Inspector or by configuring maskedFields on your property. Whitelisted fields are captured with their values hashed.

Caution

Fields that are not core PII, not auto-tagged, and not whitelisted are not captured at all. This privacy-by-default approach ensures you only collect the data you explicitly authorize.

Domain whitelisting

The tracker validates its origin against your property’s registered domain before activating. When the script loads, it calls POST /api/verify-origin with the page’s origin and your Company ID. If the origin does not match any registered property, tracking does not activate.

This means the tracker will only function on the domain you registered when creating your property. See Properties & Domains for details on configuring your property’s origin.

Verifying your installation

After installing the tracker:

1. Open your website in a browser with developer tools open.
2. Check the Console tab for eConsent initialization messages.
3. Submit a test form with consent elements tagged.
4. Check the Network tab for requests to the eConsent API returning 200 responses.
5. Verify in the dashboard that a new certificate appears under Certificates.
6. Check cookies for econsent_session and econsent_certificate.

Troubleshooting

Tracker not initializing

• Verify the script URL: https://d13jv0uulndum1.cloudfront.net/cdn/tracker.min.js
• Confirm data-company and data-property attributes are set correctly.
• Ensure the page domain matches the property’s registered origin.

Hidden field not populating

• Confirm the hidden input has id="econsent_hidden" exactly.
• Verify that at least one consent element is tagged with data-consent-type.
• Ensure the tracker script loads before the form is submitted.

Certificates not appearing in dashboard

• Check that the property’s origin matches your website domain.
• Verify that consent elements are visible on the page (the tracker performs visibility checks).
• Review the browser’s Network tab for failed API requests.

Next steps

• Whitelist Inspector. Visually select additional fields to capture
• Consent Selector. Map consent types without modifying HTML
• Consent Certificates. Understand the generated certificate format
• Properties & Domains. Configure domain whitelisting and field settings