Salesforce

Cookie Consent Integration with Google Tag Manager

« Go Back
Information
Cookie Consent Integration with Google Tag Manager
UUID-301b21c8-a73a-05e8-175a-36c9036728dc
English
Checked
Content

Google Tag Manager (GTM) is a tool that allows you to manage and deploy tags (snippets of code or tracking pixels) on your website without having to modify your site code.

If you use Google Tag Manager (GTM) to inject cookies on your website and manage site content, you can configure GTM so that the scripts are controlled by visitors' consent preferences.

This can be more efficient than using the standard helper methods described in the Client-Side Cookie Management section of this guide. However, there are some differences in behavior because of how GTM works.

This section of the guide explains how to set up GTM to take advantage of these changes.

Note

This article is not a complete guide to Google Tag Manager. Consult official Google Tag Manager documentation for more detailed information about setting up and using GTM.

How it Works

To pass data to Google Tag Manager, the Cookie Consent tool uses variables. Cookie Consent supports javascript variables and data layer variables. We recommend using the GTM data layer and data layer variables.

Cookie Consent uses the existing dataLayer object or creates a new one if it doesn’t already exist. If your site creates a dataLayer object, ensure that this does not overwrite the one Cookie Consent creates.

Cookie Consent adds a key named OnetrustActiveGroups with value of comma delimited string of the current active category IDs as selected by the visitor (or the default setup). This key repopulates on every page load once the script is executed. For example, the data contained in the value might be ,C0002,C0003,C0004.

When a user updates their consent, the dataLayer event OneTrustGroupsUpdated is triggered. You will use this event when creating triggers to apply to your tags.

By creating a GTM Custom Variable and triggers, you can configure GTM tags to trigger only when specific consent groups within OnetrustActiveGroups are present.

You can implement this integration in one of two ways: uploading and merging a provided container file or by manually establishing triggers for each tag.

Important Notes about Google Tag Manager Integration

  • The Google Tag Manager rule operator and value fields can be customized if a different behavior is required than contained in the examples in this section.

  • Auto-Blocking is capable of blocking Google Tag Manager. If this occurs, use one of the follow methods to unblock Google Tag Manager:

    j.setAttributeNode(d.createAttribute('data-ot-ignore'));
    j.setAttribute('class','optanon-category-C0001');

    Example:

    <!-- Google Tag Manager -->
    <script>(function (w, d, s, l, i) { w[l] = w[l] || []; w[l].push({ 'gtm.start': new Date().getTime(), event: 'gtm.js' });
    var f = d.getElementsByTagName(s)[0], j = d.createElement(s), dl = l != 'dataLayer' ? '&l=' + l : ''; j.setAttributeNode(d.createAttribute('data-ot-ignore'));
    j.async = true;j.src = 'https://www.googletagmanager.com/gtm.js?id=' + i + dl;
    f.parentNode.insertBefore(j, f); })(window, document, 'script', 'dataLayer', 'GTM-XXXXXXX');
    </script>
    <!-- End Google Tag Manager -->

To create a new variable

  1. Open your container in Google Tag Manager.

  2. Select the Variables tab from the main menu. The Variable screen appears.

  3. Create a new User-Defined Variable.

  4. Name the variable.

    Tip

    We suggest naming the variable OnetrustActiveGroups for easy identification.

  5. Set the Variable Type to Data Layer Variable under the Page Variables section.

  6. Set the Data Layer Variable Name to OnetrustActiveGroups.

    Note

    The Data Layer Variable Name must be set to OnetrustActiveGroups for the code to work as expected

    gtm-variable-active-groups
  7. Press the Save button.

Important

Custom data layer variables are only supported by OneTrust 6.29 and up.

To deploy the banner script in a tag

If using a custom HTML-type tag in Google Tag Manager, the tag content can do one of the following:

  • Leverage HTML / JavaScript

  • Use the Optanon helper methods to insert the HTML/JavaScript (i.e. Optanon.InsertScript or Optanon.InsertHtml)

  1. Select the Tags tab from the main menu. The Tags screen appears.

  2. Click New. The Tag modal appears.

  3. Name the tag Cookie Banner Script.

  4. Under the Tag Configuration, press the Edit button. The Choose tag type modal appears.

  5. Select Custom HTML.

  6. Paste the published script into the HTML editor.

  7. Check the Support document.write box.

    <!-- OneTrust Cookies Consent Notice start -->
    
    <script src="https://cdn.cookielaw.org/scripttemplates/otSDKStub.js"
    type="text/javascript" charset="UTF-8" data-domain-script="YOUR DATA DOMAIN SCRIPT ID"></script>
    <script type="text/javascript">
    function OptanonWrapper()
    </script>
    <!-- OneTrust Cookies Consent Notice end -->
  8. Click the Triggering icon. The Choose a trigger modal appears.

  9. Select All Pages.

  10. Click Save.

Triggers

In GTM, triggers prompt tags to fire or not fire on certain criteria. You may already have a variety of different triggers applied to your tags.

As part of the Cookie Consent integration with GTM you are going to create a trigger associated with each cookie category.

When you apply these triggers to your tags, this will prompt your tags to fire or not fire based on the Cookie Category being active or the consent given by the user.

You will need a separate trigger for each of the Cookie Categories that you will be blocking cookies under. For example, you may have a group called 'Performance Cookies', which has a category id of C0002 and contains the cookies set by your Google Analytics tag.

Each trigger needs to be in line with the category ids that are set in your cookie consent application. You can find the cookie category IDs in the cookie consent application under Categorizations.

We want the OneTrust cookie category id triggers that you create or upload to be applied to your existing tags in such a way that the OneTrust trigger is the limiting factor to the tag firing. This can be done in several different ways. Three different ways are outlined below.

  1. Creating a Firing Trigger

  2. Using Firing Triggers on Existing Tags and Creating a Trigger Group

  3. Creating Exception Triggers

To create a firing trigger

  1. Open your container in Google Tag Manager.

  2. Select the Triggers tab from the main menu. The Triggers screen appears.

  3. Press New. The Trigger Configuration screen appears.

  4. Name it accordingly, e.g. Performance Cookies Active.

  5. Press the Trigger Configuration and set the Trigger type to Custom Event.

  6. Set the Event name to OneTrustGroupsUpdated. This event is embedded in the script.

  7. Select Some Page Views and set it to fire when the following is true:

    [OnetrustActiveGroups] [matches RegEx] [,C0002,] 
    TriggerConfiguration.png
  8. Save the Trigger.

  9. Repeat this process for the remaining Cookie Categories.

  10. Apply the Triggers to Tags as a firing trigger.

Note

If a tag is blocked and then allowed, it'll fire without the need for page reload because of listening for OneTrustGroupsUpdated. If it had been previously allowed and then blocked, the tag would be blocked on subsequent page loads.

To create an exception trigger

You can also set up an exception trigger to fire the script if a category of cookies is not active.

You will only want to use an exception trigger if you already have a different firing trigger set up on your tag.

Note

In Google Tag Manager, Blocking triggers must fire on the same event as the Active triggers.

For example, set a trigger to fire when OneTrust Active Groups does not contain C0002 (where C0002 is the id for performance cookies). Apply this blocking trigger as an exception to tags in this group.

  1. Select the Triggers tab from the main menu. The Triggers screen appears.

  2. Press New. The Trigger Configuration screen appears.

  3. Create a new trigger and name it accordingly, e.g. Block Performance Cookies.

  4. Press the Trigger Configuration and set the Trigger type to Custom Event.

  5. Set the Event name to .*. This event applies to all events and will allow the exception trigger to override the event that is in the firing trigger.

  6. Set the Trigger to fire on Some Custom Events.

  7. Select Some Page Views and set the Trigger to fire when the following is true:

    [OnetrustActiveGroups] [does not match RegEx] [,C0002,] 
    CC_GTM.png
  8. Save the Trigger.

  9. Repeat this process for the remaining Cookie Categories.

  10. Apply the Trigger to Tags as an Exception.

Using firing triggers on existing tags and creating a trigger group

When using a firing trigger, you want to make the OneTrust trigger is the limiting factor to the tag firing.

You will only want to use a trigger group if you already have a firing trigger set up on your tag.

Trigger groups utilize “AND” conditions, where as directly applying multiple triggers to a tag to be firing utilizes an “OR” condition.

Firing Triggers directly applied:

FireTrigOR.png

Within Trigger Group:

FireTrigAND.png

This is another method for setting up the OneTrust triggers and applying them to your tags such that the OneTrust triggers are the limiting factor to the tags firing.

  1. Select the Triggers tab from the main menu. The Triggers screen appears.

  2. Press New. The Trigger Configuration screen appears.

  3. Create a new trigger and name it accordingly, e.g. Example Trigger Group.

  4. Press the Trigger Configuration and set the Trigger type to Trigger Group.

Using a container to integrate with Google Tag Manager

To import a container

  1. Open your container in Google Tag Manager.

  2. Go to the Admin tab.

    gtm_admin.png
  3. Download the container from the link at the end of the article.

  4. Click Import Container.

    gtm_import_container.png
  5. Select the downloaded container file.

  6. Select Merge and then Overwrite conflicting tags, triggers and variables as the import option.

  7. Click the Confirm button.

To add the triggers to tags

  1. On the main navigation menu in Google Tag Manager, select Tags.

  2. Select a tag to apply the appropriate OneTrust Cookie Category Trigger to.

  3. Apply the appropriate Firing Trigger, Trigger Group or Exception Trigger that you have created.

  4. Click the Save button.

Blocking Tags Using the OptanonConsent Cookie

In addition to the OneTrustActiveGroups data layer variable, the OTSDKstub.js file also sets the first party cookie, OptanonConsent, to capture user consent. By decoding the value of the OptanonConsent cookie, the current consent can be read. For more information, see OneTrust Cookies.

To create a new variable

  1. Open your container in Google Tag Manager.

  2. Select the Variables tab from the main menu. The Variable screen appears.

  3. Create a new User-Defined Variable.

  4. Name the variable.

    Tip

    We suggest naming the variable OptanonConsent so you know what it refers to.

  5. Set the Variable Type to 1st Party Cookie under the Page Variables section.

  6. Set the Data Layer Variable Name to OptanonConsent.

    Note

    The Data Layer Variable Name must be set to OptanonConsent for the code to work as expected. Additionally, the URI-decode cookie option must be enabled.

    OptConsCook.png
  7. Press the Save button.

Triggers

Similar to the OnetrustActiveGroups data layer variable setup, active and blocking triggers will be created for each cookie category within the account. As the OptanonConsent cookie is set on page load, this allows you to trigger client tags before OneTrustGroupsUpdated event normally used by the data layer variable to block Cookie Categories.

For example, if you are using an e-commerce event that you have defined in the data layer, you can use the OptanonConsent cookie over the OneTrustActiveGroups data layer variable to trigger your analytics tags on the e-commerce event rather than on OneTrustGroupsUpdated.

To create a firing trigger

  1. Open your container in Google Tag Manager.

  2. Select the Triggers tab from the main menu. The Triggers screen appears.

  3. Press New. The Trigger Configuration screen appears.

  4. Name it accordingly, e.g. First Party Cookie - Active Performance - OT.

  5. Press the Trigger Configuration and set the Trigger type to the relevant use case.

    Note

    Adding Page View or DOM Ready triggers will likely the cause the triggers to not fire on the first page load.

  6. Set the Event name to the event the on which affected tag will fire. This differs from the Data Layer variable OneTrustActiveGroups that must trigger on the event OneTrustGroupsUpdated.

  7. Select the relevant trigger and set it to fire when the following is true:

    [OptanonConsent] [contains] [C0002:1] 
  8. Save the Trigger.

  9. Repeat this process for the remaining Cookie Categories.

  10. Apply the Triggers to Tags as a firing trigger.

To create an exception trigger

  1. Open your container in Google Tag Manager.

  2. Select the Triggers tab from the main menu. The Triggers screen appears.

  3. Press New. The Trigger Configuration screen appears.

  4. Name it accordingly, e.g. First Party Cookie - Block Performance - OT.

  5. Press the Trigger Configuration and set the Trigger type to the relevant use case.

  6. Set the Event name to the event the on which affected tag will fire. This differs from the Data Layer variable OneTrustActiveGroups that must trigger on the event OneTrustGroupsUpdated.

  7. Select the relevant trigger and set it to fire when the following is true:

    [OptanonConsent] [does not contain] [C0002:1] 
  8. Save the Trigger.

  9. Repeat this process for the remaining Cookie Categories.

  10. Apply the Triggers to Tags as an exception trigger.

To leverage dataLayer attributes

Using the following dataLayer attributes, you can prevent the OneTrust CDN from pushing to window.dataLayer or create a new dataLayer so that you have control over how messages are sent to GTM.

To disable CDN pushed to window.dataLayer

  • Insert the data-dLayer-ignore attribute into your script.

    Example:

    <script src="https:/cdn.cookielaw.org/scripttemplates/otSDKStub.js"
    type="text/javascript" charset="UTF-8" data-domain-script="XXXXX"
    data-dLayer-ignore="true"></script>

To enable CDN pushes to a new dataLayer

  • Insert the data-dLayer-name attribute into your script.

    Example:

    <script src="https://cdn.cookielaw.org/scripttemplates/otSDKStub.js"
    type="text/javascript" charset="UTF-8" data-domain-script="XXXXXX"
    data-dLayer-name="dataLayerOneTrust"></script>

    This allows CDN pushes to your defined dataLayer only. Pushes to widow.dataLayer are disabled.

Troubleshooting: Support Document.Write

If you are using Google Tag Manager and have more than one tag or container with the ‘Support Document.Write’ checkbox checked, it may prevent the script from firing properly.

In order to confirm, block the request URL of the container that does not contain the CookiePro/OneTrust tag.

  • Does the tag that loads the CookiePro/OneTrust script fire successfully?

    • If so, try blocking the request URL for the exact tag causing the issue.

To resolve this issue, set the tag causing the conflict to fire after the CookiePro/OneTrust script has loaded completely.

gtm_troubleshooting_config.png

This can be accomplished by setting the tag in question to use a firing trigger that is dependent on the OnetrustGroupsUpdated event that pushes within the dataLayer once the script completes. This fix is similar to the method used to ensure cookies are not dropped for users based on consent preferences.


Powered by