--- title: "Using the WebTag service" date: "2024-11-09T17:32:13+00:00" summary: "Learn how to integrate Acquia as a first-party domain using WebTag for seamless CDP data capture and insightful analytics." image: type: "page" url: "/customer-data-platform/using-webtag-service" id: "4ca38ccd-f291-40e5-ba09-6e1c28aa345e" --- This page provides instructions on how to integrate Acquia as a first-party domain with your website for the following scenario: * IT technicians want to use the webtag script to seamlessly integrate Acquia and capture visitor behavior traffic for CDP.  IT technicians can use the following tasks to set up a service user with a protected token, securely send data to CDP, accomplish marketing strategy campaigns, and generate insightful analytics reports. The following diagram depicts the process flow for using the webtag service: ![CDP documentation restructure](https://acquia.widen.net/content/65977015-f24a-4c65-aaf7-82e4854eb4c3/web/CDP%20documentation%20restructure-Webtag%20Service%20User.png) The following checklist lists the tasks for using the webtag service: S. No Task 1 [Sign in to the CDP user interface](/customer-data-platform/getting-started/signin-cdp) 2 [Create a user role through the Integration Management UI instances](#create-user-roles) 3 [Create a Token Retrieve request using Postman](#create-token-retrieve-request) 4 [Validate data in CDP](#validating-data-in-cdp) 5 Selecting the webtag version for CDP: * [Configuring WebTag manually](/customer-data-platform/configuring-webtag-manually "Configuring WebTag manually") * [Configuring WebTag using Google Tag Manager](/customer-data-platform/configuring-webtag-using-google-tag-manager "Configuring WebTag using Google Tag Manager") Creating a user role by setting up [an instance](#setting-instance) ------------------------------------------------------------------- 1. Click **Integrations** > **Instances**. If the **Instances** tab is not visible, your account does not have the required role. To get access, contact your CDP administrator. 2. Click **Add Instance.** The system displays the Create Instance page. 3. In **Name**, enter the name for your instance. For example, Acquia\_API\_Webtag. 4. In the **Instance Type** field, select `DW Tracker` to push upstream payloads from a source system to CDP. 5. Click **Save.** The system system creates the instance and auto-populates values in the following fields: * **API Host URL** * **Authentication Host URL** * **UserName** * **Password** ![cdp_instance-information.png](https://acquia.widen.net/content/6459de86-5936-47c7-a756-b7eae112e698/web/cdp_instance-information.png?h=480&itok=-d8QWd_1) If you forget your tracker password, regenerate the credentials and ensure that they are not used elsewhere. 6. Take a backup of the following credentials at a secure location as you cannot view them in the system again: *  **Authentication Host URL** * **UserName** * **Password** These credentials are used when creating a user role through Postman. Creating a Token Retrieve request using Postman ----------------------------------------------- Complete the following steps to create a Token Retrieve request using Postman: 1. [Set up Postman](#set-up-postman) 2. [Set up the authentication request](#set-up-the-authentication-request) 3. [Set up the Token Retrieve request](#set-up-token-retrieve-request) [Setting up Postman](https://docs.acquia.com/customer-data-platform/integration-and-data-collection/api-integration/api-authentication-mechanism/api-authentication-0#set-up-postman) ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 1. Download and open [Postman](https://www.postman.com/downloads/). 2. Click **Create Collection**. ![cdp_create-collection.png](https://acquia.widen.net/content/2f8a95b7-f596-494d-af1e-4ebda3d1f770/web/cdp_create-collection.png) 3. Click the Ellipsis icon, click **Rename**, and then rename the folder collection to **CDP** **Authentication**. ![cdp_rename-CDP-authentication.png](https://acquia.widen.net/content/159ddbee-ce44-4490-b139-8d2c58dbbc07/web/cdp_rename-CDP-authentication.png?h=480&itok=jirwNHh7) Setting up the authentication request ------------------------------------- 1. In the **CDP Authentication** collection, click **Add a request**. ![cdp_api-postman-add-request.png](https://acquia.widen.net/content/6b31a96f-f852-4ec1-bdb6-70c0123b2091/web/cdp_api-postman-add-request.png?w=480&itok=Umz5-0aG) 2. Click the Ellipsis icon, click **Rename**, and then rename the request to **Step 1 - Authenticate with Username and Password (One Time)**. 3. Change the request to `POST`. ![cdp_api-postman-post.png](https://acquia.widen.net/content/645db065-9427-43aa-8e05-78d6eab8e554/web/cdp_api-postman-post.png) 4. Modify the endpoint URL parameter of the Authentication mechanism from `/authentication` to `/token`. 5. Enter the following in **Query Params** to be added to the URL: * **Key**: `scheme`, **Value**: `a1webtag` * **Key**: `action`, **Value**: `create` ![cdp_query-params.png](https://acquia.widen.net/content/933cadff-c9aa-41f0-9b06-2e0b63805a46/web/cdp_query-params.png) The system adds the parameters to the URL: `https://auth.agilone.com/token?scheme=a1webtag&action=create` The following are the URL parameters: Cloud Region URL Endpoint Parameter Description AWS `auth.agilone.com` * `/token` indicates the path that directs the request to the server's token management or generation resource. * `?` indicates the beginning of the query string, which contains the parameters. * `scheme=a1webtag` specifies the authentication scheme, indicating to the server that the request follows the a1webtag protocol, which might affect token generation or permissions. * `&` allows addition of multiple key-value pairs to the query string. * `action=create` indicates a request for the server to generate a new valid token, staying within the unclaimed token limit for the specified `a1user` scheme. 6. Click the **Authorization** tab and select the **Type** as **Basic Auth**. ![cdp_basic-auth.png](https://acquia.widen.net/content/157f2f69-c7da-4940-b6ef-0c2573ec990d/web/cdp_basic-auth.png?h=480&itok=eFAV4vFG) 7. Enter the username and password. ![cdp_authorization.png](https://acquia.widen.net/content/7a93d631-9344-4895-a471-e3f9f7366fa0/web/cdp_authorization.png?w=1090&itok=VngWTDhE) Postman recommends that you save all sensitive information into variables. For more information, visit [Store and reuse values using variables](https://learning.postman.com/docs/sending-requests/variables/variables/). If you cannot set up variables, delete the sensitive information and re-enter the credentials each time you need, so that you can conduct tests to avoid security risks. 8. Click the **Headers** tab. ![cdp_headers.png](https://acquia.widen.net/content/b5d9bde6-1c31-4e68-9b9e-e840d4e9ac82/web/cdp_headers.png) 9. Add **Key** as **Content-Type** and **Value** as **application/json**. 10. Click **Save** and click **Send**. ![cdp_save-send.png](https://acquia.widen.net/content/054c6226-b84a-4ddf-88cf-e72f6bcf9f01/web/cdp_save-send.png?w=220&itok=BAjvedA7) For successful requests, Postman displays **Status: 200 OK** and **access\_token**. ![cdp_access-token1.png](https://acquia.widen.net/content/2e02a396-15ca-44d0-8da4-97f49c5f2709/web/cdp_access-token1.png) You can initiate the user authentication step only after creating a token. You can use the token until it expires. You must not resend the request for continued testing with the generated token. Setting up the Token Retrieve request ------------------------------------- 1. Click the Ellipsis icon and click **Duplicate** to make a copy of the **Step 1 - Authenticate with Username and Password (One Time)** authentication request. ![cdp_duplicate-step.png](https://acquia.widen.net/content/7227cfa4-5bbc-4c0d-a75d-ebb97a2ad7bb/web/cdp_duplicate-step.png?h=480&itok=rSAzwXdk) 2. Click the Ellipsis icon, click **Rename,** and rename the copy of the authentication request to **Step 2 - Create Access Token (Once at Time)**. 3. Change the request to `GET`. 4. Click the **Authorization** tab and select the **Type** as **Basic Auth**. If the request was duplicated correctly, it must already be pre-populated. Postman recommends that you save all sensitive information into variables. For more information, visit [Store and reuse values using variables](https://learning.postman.com/docs/sending-requests/variables/variables/). If you cannot set up variables, delete the sensitive information and re-enter the credentials each time you need, so that you can conduct tests to avoid security risks. 5. Click the **Headers** tab. 6. Add **Key** as **Content-Type** and **Value** as **application/x-www-form-urlencoded**. 7. Click **Save** and click **Send**. For successful requests, Postman displays **Status: 200 OK** and **access\_token**. ![cdp_access-token2.png](https://acquia.widen.net/content/470a1bd5-3fcb-43ab-b4b3-38b9c2ddf6d5/web/cdp_access-token2.png) Ensure to check the expiration date of the token on a regular cadence through GET request calls. The `expires_in` field in the response body indicates the lifespan of the token. By default, tokens last 90 days in Customer Sandbox (CS) and 180 days in UAT and Production (PROD) environments. The response body consists of the following parameters: **Parameter** **Description** `access_token` A unique string that serves as a token for accessing protected resources. In this case, `"f265e508-c599-44e3-ab60-60a040a9154a"` is the token that the API returns. You must include this token in the header of subsequent requests to access authorized resources. `token_type` The type of token that is issued by the server. In this example, the token type is `"bearer"`, which means that the bearer of this token has the authorization to access the resources. Bearer tokens are a common method used in OAuth 2.0 for accessing resources. `expires_in` The lifetime of the access token in seconds. Once this time elapses, the token expires and no longer grants access. In this case, `15600000` seconds means the token has a significant duration before expiration. Validating data in CDP ---------------------- Note Ensure that you have the necessary add-on subscription for Interactive Queries. Use the following procedure to validate data integration in CDP: 1. [Sign in to your CDP user interface](https://docs.acquia.com/customer-data-platform/docs/profiles-and-data-unification/getting-started/signin-cdp.html). 2. Navigate to **Interactive Queries** > **Queries**. 3. Click **Create** to initiate a new query. 4. In the left panel, check the list of entities. This list enables API data validation for real time custom events using `zone.datavalidation.dw_real-time_`. ### Querying entities Query each entity individually or combine them based on the validation requirements. **Example**: Querying individual real-time entities -- Customer entity SELECT *  FROM zone_datavalidation.dw_realtime_customer; -- Event entity SELECT *  FROM zone_datavalidation.dw_realtime_event; **Example:** Combining real-time entities SELECT  customer.*,  event.*,  TO_VARCHAR(TO_TIMESTAMP_NTZ(event.EventTimestamp / 1000), 'MM.DD.YYYY') AS WebTagDate FROM zone_datavalidation.dw_realtime_customer AS customer LEFT JOIN zone_datavalidation.dw_realtime_event AS event ON customer.id = event.customerid LIMIT 1 Users format a view based on the real-time validations required for reviewing the dataset delivered from your website. Refer to [CDP referential integrity IDs](https://docs.acquia.com/customer-data-platform/docs/integration-and-data-collection/data-mapping/cdp-referential-integrity-ids) to understand the primary key relationships used for table joins. This step helps to validate how entity fields align with [upstream data mappings](https://docs.acquia.com/customer-data-platform/docs/integration-and-data-collection/data-mapping/upstream-data-mapping).