By default, the Didomi CMP uses first-party cookies to store consent information. Consent is therefore shared across all the sub-domains of the base domain where the SDK is deployed but is not shared across domains.

Example: If you install Didomi on www.domain.com, consents will be stored in a cookie on .domain.com and all sub-domains of domain.com will have access to the same consent information. Other domain names (www.other-domain.com) will NOT have access to that consent information.

With group cookies, consent is stored on a sub-domain that you own and delegate to us (like privacy.your-domain.com) and can be shared across all your websites.

Consents will be shared only between the domains that have activated the group cookies feature with the same specific sub-domain. It allows you to have private consents between your different websites without exposing them to third-parties.

Limits and obligations

Before enabling this feature, please keep in mind the following limits and obligations.

Storage in cookies must be enabled

For the cross-domain feature to work, cookies must be enabled as a storage method.

This can be achieved either through the default configuration or by setting cookies.storageSources.cookies to true.

User information

If you are enabling this feature, you must update your notice and popup content to correctly inform the user that their consent will be shared across multiple websites for the collected consents to be valid. Include a list of websites and legal entities that will be sharing consent.

Third-party cookies limitations

This feature depends on browsers accepting third-party cookies. By default, more browsers are blocking the use of third-arty cookies. Therefore users that browse with default settings for Safari, Firefox, Chrome under iOS for mobiles or, have blocked third-party cookies will not be able to store third-party cookies in their browser. Didomi will fall back to using first-party cookies when third-party cookies are not available.

Switch from first-party cookies

If you are already using Didomi with first-party cookies (the default behavior) and decide to switch to third-party cookies, please be advised that all your previous consents will be lost. The consent notice will be displayed to all visitors again to recollect consent.

Load time

Sharing consent between domains increases the load time of the SDK as it involves additional asynchronous operations for reading and writing consent from a different domain. Read more in our FAQ.

Setup a custom domain

Configure your domain to use for sharing consents by following our Custom domain guide.

Configure your consent notice

Update your SDK configuration on all the websites that need to share consent (this can be done via the Didomi Console):

window.didomiConfig = {
  cookies: {
    group: {
      enabled: true,
      customDomain: 'privacy.your-domain.com'
    }
  }
};

After that setup is done, the Didomi SDK will start using privacy.your-domain.com for storing consent cookies. You must use the same customDomain configuration on all the websites that you want to share consents between.