A lot of Eloqua’s functionality is dependent on it being able to track visitors to your website. To do this, Eloqua relies on cookies, which are in turn dependent on how your tracking script is configured. (If you’re unfamiliar with cookies and why you’d want to use one type over another, read this blog post: Anyone want a internet cookie?)

Now that Mozilla Firefox has joined Apple Safari in blocking third-party cookies by default, both current and new Eloqua users need to carefully consider what type of script, and hence cookie, to use with their website. Together, the two applications represent 20% of all browsers being used today, which means marketers may lose the ability to personalize, trigger, and track campaigns for a large portion of their audience.

The decision to use first-party or third-party scripts isn’t one of simple code configurations.  Depending on what type of protocol your site uses to receive and transmit data and content, there are other downstream impacts that marketers should consider before making a decision.

As a quick recap, there are two main types of transfer protocol used by websites: Hypertext Transfer Protocol (HTTP) and Hypertext Transfer Protocol Secure (HTTPS). Both are methods that govern how applications make remote requests and how responses should be formatted.  Because requests and responses can be intercepted and changed without either the sender or receiver’s knowledge, https was developed to provide further security by using encryption to take the data and encode it such that it appears random. Whether a site uses HTTP or HTTPS can be seen from the prefix to its web address (http://www.example.com vs. https://www.example.com).  In addition to this, nearly all browsers now display whether a site is secured via https or not. In Chrome, unsecure sites are flagged by an exclamation point in the URL bar, which when clicked provides a written warning; while secure sites display a padlock with a notice confirming that the site is good.

Example of HTTP site


Example of HTTPS site


For people considering a move to First-party cookies, this has a profound impact on the complexity of the migration.  This is summarized in the below table, and we’ll outline this in more depth as we go on.

Third-Party First-Party
https Standard Third-party script Standard First-Party Script

Requires More Configuration

Requires $$$

http Standard Third-party script Standard First-Party Script

Some configuration

Moving to Eloqua first-party cookie on an HTTP site

Congratulations.  You have the simplest route to moving from third- to first-party cookie.  For http sites, there are only two things that need to be done. These are:

  1. Decide the subdomain that you want the cookie to be set under. So, if your domain is example.com, you may want the cookie to be set under marketing.example.com. 
  2. Set up a microsite in Eloqua for your tracking domain.
  3. Log a ticket with Eloqua Support to enable first-party cookie support.  They’ll need your instance name, POD, Site ID, and tracking domain.
  4. Work with your IT team to update your Domain Name Server so that CNAME record that points to s[SiteID].hs.eloqua.com, where [SiteID] is the number assigned to your instance.
  5. Update the Eloqua tracking script so that it now sets the cookie under your domain rather than Eloqua’s.  The part you’ll need to insert is in bold and you’ll need to replace <tracking.example.com> with your tracking domain.  Remember to also replace XXXX with your site ID.

<script type=”text/javascript”>

    var _elqQ = _elqQ || [];

    _elqQ.push([‘elqSetSiteId’, XXXXX]);

    _elqQ.push([‘elqUseFirstPartyCookie’, ‘<tracking.example.com>’]);


    (function() {

        function async_load() {

            var s = document.createElement(‘script’); s.type = ‘text/javascript’;

            s.async = true;

            s.src = ‘//img.en25.com/i/elqCfg.min.js’;

            var x = document.getElementsByTagName(‘script’)[0];

            x.parentNode.insertBefore(s, x);


        if(window.addEventListener) window.addEventListener(‘DOMContentLoaded’, async_load, false);

        else if (window.attachEvent) window.attachEvent(‘onload’, async_load);



  1. If you’re using a tag manager to deploy the Eloqua tracking script, you’ll need to amend the script so that your tracking manager can trigger the script.

If you have an HTTP site, I recommend continuing to read this article.  Most web teams are moving to https for both security as well as SEO reasons, so sooner or later you’ll need to ensure that your Eloqua instance can accommodate this.

Moving to Eloqua First-Party Tracking Scripts for HTTPS sites

For marketers with HTTPS sites, in addition to the above steps, there’s slightly more configuration and expenditure required. These are:

  • Purchase a secure microsites license from Eloqua.  You’ll need one for each domain you’d like to use.
  • Work with your IT team to purchase an SSL certificate for your tracking domain.  You’ll need to log a ticket with Eloqua beforehand so they can give you the relevant information for your certificate. There are multiple types of SSL certificates that your IT team can purchase, such as Subject Area Network or Extended Validation Certificates, so you’ll need to work out the best one for your IT team and Eloqua instance.
    • Note:  SSL certificates have an expiration date upon which they need to be replaced.  To make your life easier, ensure that you purchase a multi-year certificate
  • Register your SSL with Eloqua
  • Create a secure microsite in your instance that is tied to your SSL certificate.

Checking your work

Once you’re done with all the above, you’ll want to check that Eloqua is deploying first-party cookies.  One way of doing this is by using the test scripts tool within Eloqua. It’s in the website tracking section.  However, the tracking tool isn’t always accurate, so the best way to test is to use either developer tools in Chrome or Firebug in Firefox.  Here’s an example of how Oracle’s Eloqua pages use a first-party cookie under the Oracle domain.

First-Party Cookie

If you have any questions in regards to the above, feel free to reach out to us.

Thank you for subscribing!

Subscribe to our Thought Leadership Today

Continue Reading


Please enter your comment!
Please enter your name here