Skip to main content
Pass an options object as the second argument to init() to configure SDK behavior: 
window.zeotap.init("YOUR_WRITE_KEY", {
  useConsent: true,
  checkForCMP: true,
  hashIdentities: true,
  // ...
});

Core options

ParameterTypeDefaultDescription
[options.optOut]BooleanfalseMaster switch. If true, no events are posted. Used as a fallback when user consent is not specified.
[options.useConsent]BooleanfalseIf true, the SDK waits for a consent signal before recording events. Combine with checkForCMP to choose the consent source.
[options.checkForCMP]BooleantrueIf true, the SDK queries the TCF 2.0 CMP on the page. If false, consent must be supplied via setConsent. See Consent Resolution.
[options.user_country]StringnullAlpha-ISO3 country code attached to every request as user.user_country. Determines storage region. Defaults to IP-derived country when omitted.
[options.debug]BooleanfalseIf true, events are logged to the console instead of posted. Useful for local testing.

Identity & hashing

ParameterTypeDefaultDescription
[options.areIdentitiesHashed]BooleanfalseSet to true if your setUserIdentities calls already supply hashed PII (email_sha256_lowercase, etc.).
[options.hashIdentities]BooleanfalseIf true, raw PII passed to setUserIdentities is hashed by the SDK before being sent.
Both flags apply only to PII fields. Custom identities (crmID, visitorID, etc.) are always sent as-is.
See API Reference → Set User Identities for the full list of PII fields and supported hash variants.

Cookies & storage

ParameterTypeDefaultDescription
[options.storageExpirationDays]Number365Expiry (days) for cookies used for default user identification and custom consent.
[options.domain]Stringtop-level domainDomain to scope cookies against. Defaults to the top-level domain (e.g. .zeotap.com for www.abc.zeotap.com).
[options.onlySecureCookie]BooleantrueWhether cookies are marked secure. Keep at the default unless you have a specific reason to change it.
[options.persistenceInCookieStorage]BooleanfalseIf true, the SDK persists consent and identity data in cookies. If false, session storage is used instead.

Event delivery

ParameterTypeDefaultDescription
[options.eventUploadThreshold]Number1Maximum events allowed in the unsent queue before the next batch is dispatched immediately.
[options.uploadBatchSize]Number1Number of events posted per batch.
[options.eventUploadPeriodMillis]Number500If the queue is below the threshold, the next post is scheduled after this delay (ms).
[options.eventRetryDelayMillis]Number500Delay (ms) added per back-off when retrying a failed post.
[options.maxRetries]Number3Number of retries before an event is dropped.
ParameterTypeDefaultDescription
[options.allowCookieSync]BooleantrueIf true, the SDK performs daily-capped cookie syncs with ALL channel partners. To restrict, contact zeotap representative or support team.
[options.cookieSync]BooleantrueEnables/disables cookie syncing with Zeotap’s integrated channels (configured on your account). Tie this to a consent signal to gate cookie sync on the user’s choice.

TCF integration

ParameterTypeDefaultDescription
[options.includeTCFString]BooleanfalseIf true, the SDK looks for the TCF API and passes the gdpr_consent string in the payload. Events still go through even if no TCF API is present.
[options.purposesForTracking]number[][1,3,4]TCF purpose IDs that gate tracking. See the TCF purposes appendix.
[options.purposesForCookieSyncing]number[][1,3,4]TCF purpose IDs that gate cookie syncing.

Google Analytics integration

Enable these options to forward GA Client ID / User ID cookies into Zeotap events.
ParameterTypeDefaultDescription
[options.allowGAClientId]BooleantrueIf false, GA Client ID is not forwarded in POST calls.
[options.gaClientIdCookiePrefix]String""Prefix for the GA Client ID cookie name. If 'client', the SDK reads client_ga. If empty, it reads _ga.
[options.gaUserIdCookieName]String""Cookie name for the GA User ID.
[options.gaUserIdOnlyLoginEvent]BooleanfalseIf true, the GA User ID is only sent on setUserIdentities calls (not every event).

ID5 integration

Capturing the ID5 universal ID requires a separate agreement with Zeotap (third-party tag). Contact your Zeotap POC to enable. 
<!-- 1. Load the ID5 library after your CMP, before Zeotap -->
<script src="https://cdn.id5-sync.com/api/1.0/id5-api.js"></script>

<!-- 2. Initialize Zeotap with id5 + id5PartnerID -->
<script type="text/javascript">
window.zeotap.init("YOUR_WRITE_KEY", {
  useConsent: true,
  checkForCMP: true,
  id5: true,
  id5PartnerID: <YOUR_ID5_PARTNER_ID>
});
</script>
The encrypted ID5 user ID flows in the event payload under user identity. Decrypt server-side using the ID5 Decryption API.

A complete example

window.zeotap.init("YOUR_WRITE_KEY", {
  useConsent: true,
  checkForCMP: false,           // custom consent flow
  hashIdentities: true,         // hash raw PII at the SDK
  user_country: "DEU",
  persistenceInCookieStorage: true,
  storageExpirationDays: 180,
  debug: false,
  allowGAClientId: true,
  gaClientIdCookiePrefix: ""
});
Last modified on June 22, 2026