Share consents between domains

By default, the Didomi CMP uses first-party cookies to store consent information. Consent is therefore shared across all the sub-domains of the base domain where the SDK is deployed but is not shared across domains.

Example: If you install Didomi on www.domain.com, consents will be stored in a cookie on .domain.com and all sub-domains of domain.com will have access to the same consent information. Other domain names (www.other-domain.com) will NOT have access to that consent information.

With group cookies, consent is stored on a sub-domain that you own and delegate to us (like privacy.your-domain.com) and can be shared across all your websites.

Consents will be shared only between the domains that have activated the group cookies feature with the same specific sub-domain. It allows you to have private consents between your different websites without exposing them to third-parties.

Limits and obligations

Before enabling this feature, please keep in mind the following limits and obligations.

User information

If you are enabling this feature, you must update your notice and popup content to correctly inform the user that their consent will be shared across multiple websites for the collected consents to be valid. Include a list of websites and legal entities that will be sharing consent.

Third-party cookies limitations

This feature depends on browsers accepting third-party cookies. Users that browse with Safari or have blocked third-party cookies will not be able to store third-party cookies in their browser. Didomi will fall back to using first-party cookies when third-party cookies are not available.

Switch from first-party cookies

If you are already using Didomi with first-party cookies (the default behavior) and decide to switch to third-party cookies, please be advised that all your previous consents will be lost. The consent notice will be displayed to all visitors again to recollect consent.

Setup

Choose a sub-domain

Pick a sub-domain that will be used for sharing consent cookies across all your websites. We recommend picking a sub-domain of your biggest website.

Delegate your sub-domain to Didomi

Create a DNS record with your DNS provider or registrar that manages your domain, and use the following configuration parameters:

Parameter name

Value

Notes

Name

Your custom domain (privacy.company-name.com or similar)

You will be creating a DNS record for a specific sub-domain of your domain name (like privacy., for instance) and not delegating the DNS management of your whole domain.

Type

NS (Name server)

The type NS allows us to generate SSL certificates for the sub-domain and serve your privacy center with SSL/HTTPS.

TTL (seconds)

300

Value

ns1.privacy-center.org ns2.privacy-center.org ns3.privacy-center.org ns4.privacy-center.org

Didomi's name servers that will host the DNS records for your custom domain

If you are using CloudFront from Amazon Web Services

To support your custom domain, we will create a dedicated CloudFront distribution with your custom domain as a CNAME. Because of AWS restrictions, it is not possible for us to create that distribution if you already have a distribution in your account with either the exact same CNAME or a matching wildcard CNAME.

For instance, if you have chosen to use the custom domain privacy.company.com and already have a CloudFront distribution with either privacy.company.com or *.company.com as CNAMEs, we will not be able to create the custom domain for you.

Contact our support team

Before you can start using your custom domain for sharing consents, we need to setup our DNS servers to recognize it. Send an email to support@didomi.io to let us know what custom domain you will be using and that the setup is done on your side.

Do not configure your consent notice to use your custom domain until we have confirmed that the setup is done on our side.

Update your SDK configuration on all the websites that need to share consent (this can be done via the Didomi Console):

window.didomiConfig = {
cookies: {
group: {
enabled: true,
customDomain: 'privacy.your-domain.com'
}
}
};

After that setup is done, the Didomi SDK will start using privacy.your-domain.com for storing consent cookies. You must use the same customDomain configuration on all the websites that you want to share consents between.