I have a share point website running on a server, and have a asp.net website that that is configured to run attached to the share point site. This this not exposed as a domain site( i.e. with .com or .in or .nl etc), i access this site in my development and test environment using a URL something like
https://www-dev-myname.domainname.local/
In google analytic i am not able to add this as default URL for an account, it does not allow me to save it.
Is there a way i can create a account with a URL of this type and setup analytic for my site.
You can simply enter a valid url - it does not need to be that actual url of your website, the only consequence is that you cannot user inpage analyses (that and the little icon in the page content report that allows you to launch a url in a new window).
Wrong domain name nonwithstanding Google Analytics will work on any domain where it can set a cookie (and if it can't you can set the cookie domain to none, in that case you need to provide a client id yourself to maintain session tracking).
Related
I have cross domain tracking set up on my site, A.com so I can track conversions in my other site B.com in the GA for A.com .
But I have an iframe that I need to put on my site. It will embed a form that people will use to get to a link to my other domain (the one that is connected with cross domain tracking). That form is embedded from another domain, example.com. I was able to go into my dashboard on example.com and place my GTM code in the iframe.
Since that link will be embedded, it will no longer pickup the user, since the user will be technically coming from example.com and not my site anymore.
How can I track the users that go from A.com through the embedded form (example.com) to my other site, B.com?
Mainly I just want to be able to track user interactions on the embedded form, and conversion events on B.com.
If you can add your own code to the iframe (example.com), you can get it to talk to the parent domain (A.com) using the postMessage API:
https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage
If you set this up, you'll be able to track events on A.com as normal and then set up cross domain tracking with B.com.
I'm using Centrify as my IdP with SAML SSO wordpress plugin to authenticate users on my intranet. This works fine.
However, I would now like to make an POST api call from the intranet back to Centrify to pull some data to display on my wordpress site.
Is it possible to configure Centrify so that it passes something like a .ASPAUTH cookie to the wordpress site so that I can it to make api calls?
If Wordpress is passing the user to Centrify to login (SAML), when the user comes back to Wordpress the .ASPXAUTH token is already set as a cookie in the browser. You cant access it in code, but if you make browser (CORS) calls to Centrify API's, the browser will automatically pass the cookie to Centrify with out you needing to manage it or pass it manually. These calls would need to be made in the browser (javascript), not from the server (php).
You will need to go into your Centrify admin portal, navigate to settings > Authentication > Security Settings > Specify trusted DNS domains for API calls and add the domain of the site that will be calling the Centrify API's. This is to trust the domain for CORS.
An easy test is to add a small amount of code to the browser code that does a simple post to https://tenant.my.centrify.com/security/whoami. No JSON needs to be passed to this call. This will simply respond telling you if we see the user as authenticated.
Please let me know if you have any other questions and do not hesitate to reach out to devsupport#centrify.com.
Thank you,
Nick Gamb
Sr. Manager, Developer Relations and Product Management
Centrify Corporation
I'm developing a website using ASP.NET identity that will work with subdomains that identify a client using some information from here I've got subdomains working locally, but I can't get it to work with OAuth.
For example, if I got to https://localhost:44301 and try to login with Google, everything is fine. In my Google console I have https://localhost:44301 under "Authorized JavaScript origins" and https://localhost:44301/signin-google under "Authorized redirect URIs". But when I go to https://foo.localhost:44301 Google will respond with:
Error: invalid_request
Invalid parameter value for redirect_uri: Non-public domains not allowed: https://foo.localhost:44301/signin-google
When you try to log in. I can add https://foo.localhost:44301 to "Authorized JavaScript origins" in the Google console, but it won't let me add https://foo.localhost:44301/signin-google under authorized redirect URIs because it will complain:
Invalid Redirect: https://foo.localhost:44301/signin-google must end with a public top-level domain (such as .com or .org)
Some other questions and answers suggest redirecting all subdomains to a single domain for OAuth, but ideally I want to keep logins per subdomain. So if you use google to sign it to foo.mydomain.com it will be separate from bar.mydomain.com and I don't think that'll work if I have to redirect both to the same single domain (although I'm not sure that's going to work without separate projects in Google.
Google and in general other OAuth2/OIDC providers will support redirecting to sub-domains. Your specific problem is that you seem to be trying to use sub-domains of localhost which is in the list of Special-Use Domain Names (RFC6761) and it seems Google has additional constraints for those ones.
However, this is not a real limitation because on production you'll use a public top-level domain from from where you'll have the specific sub-domains.
If you need to have this working for local development, you can use localtest.me which allows you to set a sub-domain you like (foo.localtest.me and bar.localtest.me) while still ensuring that the domain resolves to your local machine (127.0.0.1). This should stop Google from complaining about it...
We have Urchin installed for the server statitics. Our server has an intranet subdomain (of course, banned to the outer access). When I look for the referal of any intranet page, I found that almost half of the access are from "direct[(none)]" and "google[organic]":
"direct[(none)]" access includes bots, direct keyboard access,
pdf/documents links... and all of these have the acces banned, and
"google[organic]" access are done through the serach engine
that can't acces to index the page nor redirect to that
So, I must conclude that the statistics of Urchin are not faithful.
Can anybody confirm that terrible conclusion? Or can anybody explain and correct it?
There are several ways to install Urchin. In this response I assume you use the tag method.
Urchin will create traffic sources based on document.referrer, it doesn't guess, it uses real data.
When you install Urchin one of the options you need to set is the domain name. This setting is used to store a first party cookie that will hold session information including referral info.
Let's say your intranet site is intranet.mycompany.com, this subdomain is private to your network but maybe the cookie setting in Urchin is set to mycompany.com, this will create a cookie in that domain and this cookie will apply to all subdomains.
Maybe this hostname has other subdomains, some that might be accessible outside your corporation and since they share the same cookie, they will share the same traffic source as well.
google/(organic)
Imagine this scenario:
User Looks for Company in Google
User arrives at the main public site at www.mycompany.com. Urchin registers this as a new visit from google/(organic).
User opens the intranet website
Urchin uses the same cookie and this is seen as a continuation of the visit that already has a traffic source
Urchin just reuses the google/(organic) traffic source defined in the cookie.
Also Urchin can share cookies with Google Analytics, so if you are not using Urchin, but instead Google Analytics the scenario above is also possible.
direct(none)
Now about direct/(none). This is used everytime urchin can't determine a better traffic source. In other words when the javascript variable document.referrer is empty.
This can happen in a variety of moments, including but not limited to:
Clicks on a pdf document
Clicks in a Microsoft Office document
Directly typing the url in the browser navigation bar
Clicking in a bookmark
Going from an HTTPS to an HTTP webpage
I have a situation where my web application is opened from a CRM (win-based application).
Can I get the name of the application through a request variable? In a web application, the referral url works. Is there something which I can explore?
There's no way your web server is going to know which application opened the browser ... unless ... you give the application a different URL than normal traffic. (Same method advertising campaigns use to tell who has been clicking on their ads.) Have the desktop application use a URL with an added query parameter:
www.mywebsite.com/?source=mydesktopapplication
If this is impossible for you because you can't change the desktop app, then the only other (imperfect) thing I can think of is to assume that people with no referral URL are coming from the application. The problem with this of course is that you will mistakenly identify visitors with no referral URL who still did not come from the desktop app, such as people who typed your website's URL into their address bar, or who clicked on a bookmarked link.