5

As part of the upcoming changes to Facebook Ads, you now must verify ownership of your domain name.

We operate a SaaS platform where user content is hosted on subdomains (myaccount.example.com etc). We need these users to be able to verify ownership of their domain so they can track their own events. We have enabled them to add the meta tag on their domain, and this verifies okay.

<meta name="facebook-domain-verification" content="codefromfbhere" />

Subdomain is verified successfully

However, the problem is, when you go into 'Events manager' -> 'Aggregated event measurement' -> 'Configure web events', it shows me the root domain instead of the subdomain I just verified (e.g. example.com instead of myaccount.example.com).

Root domain shows instead of subdomain

This is possible, as Leadpages has achieved the same goal. When you add in a Leadpages subdomain, you're able to verify it via meta tag, and it shows the subdomain in the 'Web event configurations' area.

I don't see any extra headers that they have provided or anything else that would enable this.

How do you mark subdomains as independent from the eTLD+1?

Marc Fowler
  • 833
  • 1
  • 10
  • 19
  • What do the rest of your meta tags look like? – CBroe Feb 12 '21 at 07:55
  • There aren't any additional meta tags specified on that HTML page; I've tried adding the og:type as 'website' but this didn't have any impact. – Marc Fowler Feb 12 '21 at 09:24
  • What does the FB debug tool say? There are no redirects to the main domain, or canonical specified in a way that might be counterproductive to your intentions? Are you sure Leadpages achieves this by meta tag, have you checked one of the pages they actually applied this to? What about the other options, is verification via DNS record not a valid one for your use case? – CBroe Feb 12 '21 at 09:27
  • No redirects at all or anything like that in the debug tool, and, I've confirmed they're definitely doing it via meta tag! Verifying via DNS would be significantly more difficult to implement, though not impossible, but in our tests it didn't make a difference. I'm wondering if this is something that was enabled specifically just for them perhaps. – Marc Fowler Feb 14 '21 at 21:23

2 Answers2

3

[Update Mar 19 2021]

Facebook just announced they will be supporting the Public Suffix List for domain verification and event configuration. This means that merchants using a registered domain on the Public Suffix List will be able to use that domain for verifying and configuring their top 8 events on the domain. For example, if myplatform.com is a registered domain on the Public Suffix List, then Jasper, a merchant with the subdomain jasper.myplatform.com, would now qualify as an effective eTLD+1 and would be able to verify "jasper.myplatform.com" and use it to configure their top 8 events in the web events configuration tool.

Read more here: https://developers.facebook.com/docs/sharing/domain-verification

[Original Answer]

For the upcoming changes for Apple iOS 14.5, you can only verify root domain, which is example.com in your example in order to setup the web event configurations.

The only way you can do this is provide your client's a way to buy/setup their own domain on your service.

You may watch the webinar recording here https://www.facebook.com/business/m/sessionsforsuccess

Clementtang
  • 76
  • 6
  • This appears to be the correct answer and the current situation I'm afraid! – Marc Fowler Mar 01 '21 at 23:45
  • That's right. You should, however, check this with FB support because I think it may have a huge impact on businesses like yours - maybe the are thinking of a solution? – Fossa Mar 22 '21 at 11:51
  • Facebook just announced they will support the Public Suffix List for domain verification and event configuration. This means that merchants using a registered domain on the Public Suffix List will be able to use that domain for verifying and configuring their top 8 events on the domain. https://developers.facebook.com/docs/sharing/domain-verification – Clementtang Mar 23 '21 at 14:18
3

I wanted to chime in with the perspective of someone who works for Facebook. For most businesses, even ones that host pages for other businesses, Aggregated Event Measurement without anything extra is the correct solution.

Advertisers who do not own their own domains will not be able to verify the domain for the purpose of event configuration in Ads Manager. Advertisers may consider purchasing their own domain to continue running their campaigns uninterrupted, or moving toward link clicks/landing page views for campaign optimization and reporting. We are currently investigating other solutions for this use case but do not have any additional information to share at this time.

For a very small number of businesses already on the Public Suffix List (PSL) subdomains will be able to get data as if they were a root domain. This is because being on the PSL basically makes the root domain name act as if it was a TLD (such as “co.uk“ or ”gov.au“). In almost every case it does not make sense for sites to request to be added to the PSL as this dramatically changes how the Public Suffix listed domain name will function.

The PSL process is intended only for platform providers that provide subdomains for large numbers of small businesses which really ought to be treated as though they were in fact separate domains.

The Public Suffix List is not useful, nor intended to be used as a means to gain additional subdomain events reporting. Adding a domain name to the PSL means that there will be total cookie separation between subdomains and that cookies will become disabled on the root domain. If you a domain gets added to the PSL you'll not have much control for that site itself. For example, if you have a /login page on that domain. This may not work as it does today if you proceeded with a PSL addition, as cookies may get disabled on the root domain.

It’s also important to note that browsers will enforce the behavior described based on their own update cadence of the PSL. Some browsers don't update their lists more regularly than bi-annually. This means that if you're on the list and a browser updates their copy of the list, and you later decide to not be on the list, there may not be an easy way to back out the effects; it's not as simple as submitting another request to get taken off of the list.

More information can be found at Facebook’s help center article here.

n8schloss
  • 2,565
  • 2
  • 17
  • 27