Consent managers offer various cookie consent solutions allowing the customers to determine what personal data they want to share with a business.
OneTrust is a popular consent management platform that provides data governance, privacy management, and security solutions to thousands of businesses worldwide.
The JavaScript SDK seamlessly integrates with the OneTrust SDK. It lets you map the OneTrust cookie/consent groups to RudderStack's consent purposes. RudderStack, in turn, uses this consent information to enable/disable tracking and sending the data.
How the RudderStack-OneTrust integration works
Whenever a user starts browsing a website, OneTrust pops up a modal to take consent from the user. This modal contains a list of cookie groups representing the GDPR consent purposes that the user needs to decline or accept.
The JavaScript SDK fetches these consented groups and the destination (OneTrust category) mappings specified in the RudderStack dashboard. Depending on these settings, the SDK filters the destinations.
Setting up the integration
The following sections highlight the steps to set up the JavaScript SDK integration with OneTrust.
Step 1: Configuring OneTrust
Follow these steps to configure OneTrust for your web app:
- Create a OneTrust account and get subscription to their Cookie Consent product.
- Navigate to Websites > Add Websites.
- Enter your top-level website URL to scan and click Start Scan.
- Go to the Categorizations tab and define the new categories or modify the existing ones, as required.
- Go to the Scripts tab, select the domain to be published and click Publish to publish the script.
Step 2: Specifying the OneTrust Cookie Categories
You need to enable OneTrust for a given JavaScript source. To do so, specify the consent category names defined in OneTrust (Step 1) for each destination connected to that JavaScript source.
Step 3: Setting up your website
- Load the OneTrust script that you published in your web app in Step 1, as shown below:
<!-- OneTrust Cookies Consent Notice start for samplewebsite.com --><script src="https://cdn.cookielaw.org/scripttemplates/otSDKStub.js" type="text/javascript" charset="UTF-8" data-domain-script="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" ></script><script type="text/javascript"> // Required OneTrust callback function OptanonWrapper() { }</script><!-- OneTrust Cookies Consent Notice end for samplewebsite.com -->- Load the JavaScript SDK only after the user provides consent.
The JavaScript SDK determines whether to send events to a destination based on the user's consent type.
One way to load the JavaScript SDK after the user provides the consent is to modify the OptanonWrapper() callback function provided by OneTrust. You also need to add the cookieConsentManager option in the load() call as shown:
function OptanonWrapper() { if (window.OneTrust.IsAlertBoxClosed()) { // Load the SDK rudderanalytics.load(WRITE_KEY, DATA_PLANE_URL, { cookieConsentManager: { oneTrust: { enabled: true } }, //other options }); }}Once completed, RudderStack reads the consented categories and filters the destinations accordingly.
WRITE_KEY and DATA_PLANE_URL in the above snippet with the actual values.FAQ
Can I integrate the RudderStack JavaScript SDK with any consent manager?
Currently, RudderStack only supports OneTrust cookie consent manager.
However, you can use a workaround to integrate some other consent manager by managing the cookie consent yourself and translating that information into a list of destinations which need to be loaded/blocked. Once done, load the JavaScript SDK to filter the destinations via the integrations object.
Contact us
For more information on the topics covered on this page, email us or start a conversation in our Slack community.