While earlier versions of ITP only aimed for third-party cookies, ITP 2.1 also tackles first-party cookies. Since March 2019, the storage duration for first-party cookies is limited to seven days.

With ITP 2.1, all persistent client-side cookies, i.e., persistent cookies created through document.cookie, are capped to a seven-day expiry.

Apple's New Tracking Protection

The new ITP technology prevents ad networks from tracking you across websites by limiting the ability to store third-party cookies permanently. With the smaller releases of iOS (12.2) and macOS (10.14.4), Apple introduced a new version of its Safari browser and a new version of ITP (2.1).

How does IPT 2.1. affect Mapp Intelligence Customers?

Mapp uses multiple cookies to store tracking information on a device, primarily to recognize those devices when a user returns to a website. The main cookie contains the so-called Mapp Intelligence everId – this is our main cookie ID for detecting devices. We use this cookie to calculate the "visitor" metrics. If Apple automatically deletes this cookie after seven days and users return to the site, the number of "visitors" recorded increases as the device is now recognized as "new." Safari is a popular browser – most iPhone users use it to surf the web. Depending on the individual Safari share on a customer's website, the number of visitors increases.

Best Practice

To maintain high-quality data with ITP 2.1, Mapp Intelligence customers must use their tracking domain and use it only as HTTPS. They also must set the cookie option in the tracking script to "3". This will create the everId cookie in its tracking domain (without the subdomain) with the necessary cookie flags secure and httpOnly. This is the only exception for which Apple allows a cookie to be stored for more than seven days. To sustain your Mapp Intelligence data quality, follow the steps provided in this Best Practice.

Use Server Cookies for Tracking

You must also set the cookie option in our tracking script to "3". This will create the everId cookie in a separate tracking domain (including the subdomain) with the necessary cookie flags secure and httpOnly. This is the only exception where Apple allows a cookie to be stored for longer than seven days.

Example: Global configuration

var webtrekkConfig = {
	trackId: "111111111111111",
	trackDomain: "sub.domain.tld",
	domain: "www.domain.tld",
	cookie: "3"

Example: Page-specific configuration

var wt = new webtrekkV3();
wt.cookie = "3";
wt.contentId = "de.startseite";


Existing cookies are lost when switching from a client (option "1") to server cookies (option "3").

Send all Pixels via HTTPS

To flag the server cookie, all tracking requests must be sent via HTTPS. Use the 'forceHTTPS' configuration property to do this.

Use the Cookie Control Plugin

If you want to switch from client (option "1") to server cookies (option "3") and keep existing cookies (everId), we recommend that you use the Cookie Control Plugin. The plugin migrates existing everId cookies to the new track domain. Find a detailed description of the Cookie Control Plugin. Without the plugin, existing everIds will not be used by the new track domain. This means that new cookies will be set, resulting in new visitor IDs. In your reporting, the first visit after setting up your custom track domain is always counted as a new visit. This distorts the metrics for new and returning visitors.

Change your Marketing Automation Configuration

To read the everId (relevant to the segments), the marketing automation requests must be sent to your custom tracking domain. Contact your Mapp Intelligence account manager for the configuration.

Change your Server-to-Server Tracking

The tracking system generates an ever-ID on the first visit of a user and stores it in its custom track domain (without the subdomain) in the cookie "wteid_[Track-ID]." More information on Server-to-Server Tracking

Name of the cookie: wteid_[Track - ID] Cookie contents: [Ever - ID]
Cookie domain: [Track - Domain]
Cookie path: /
Cookie duration: 6 months
Example of the cookie contents: 4138210064900146323

The ever-ID can be retrieved from the Mapp Intelligence cookie to be used for the server-to-server requests (parameter eid).


To continue to have access to the cookie (for example, for server-to-server tracking or for passing the eid when changing domains), it is essential that the cookie is set in your main domain. For this purpose, contact the Mapp Support Team.

Change your Mapp Intelligence Opt-out Logic

The Mapp Intelligence Opt-out also is affected by ITP 2.1. To prevent a user from selecting opt-out again every seven days, use the server-side opt-out option. Find more information on Privacy: Setting the Opt-Out Cookie.

Change your Tracker or Proxy Solution

If you are using your custom track server or proxy server, contact your Mapp Intelligence account manager to verify your current tracking implementation.

Use Server Sampling

If you are using the Mapp Intelligence Pixel Sampling, you need to switch to Server Sampling. Contact your Mapp Intelligence account manager for activation and configuration.


When changing from pixel to server sampling, the currently sampled users are not taken over.

Adjust your URI for API Calls

To call the Mapp Intelligence REST API, adapt the URI as follows:

Audience REST API


See Using the Audience API with your own tracking domain

Recommendation REST API


See Using the API with your Own Tracking Domain