HTTP tracking API source
version 2.0
Last updated
version 2.0
Last updated
The HTTP Tracking API is used to track events from any website, application or server. The data is collected by our servers, and then processed and routed to any configured destination. It is often used for server-to-server use case.
To manage users, check instead the dedicated , and for products, the .
The API's collect endpoint is available at the following URL:
HTTP method: POST
tc_s (required): site id
token (required): source key
The source key is displayed in the settings of any .
The endpoint requires a Content-Type header set to application/json:
The properties of the event must be provided in the request body in JSON format.
Timestamps must be in milliseconds (ms).
consistent_anonymous_id corresponds to a unique identifier for a user, used on the CAX platform to identify a user. It is the equivalent of CAID cookie on a Web source.
As an exception, a 400 HTTP code is returned in case the request is too large or the payload JSON is invalid.
There is a maximum of 32KB per API request.
The batch API endpoint accepts a maximum of 500KB per request, with a limit of 32KB per event in the batch.
Example of an API request:
Download OpenAPI specification:
Our API operates over HTTPS, a standard for secure communication on the internet. This protocol ensures that data is encrypted and transmitted securely.
In conjunction with HTTPS, we employ an API token-based authentication system. Each created source is assigned a unique token that remains consistent across all API requests for this specific source. This design offers both security and convenience, allowing clients to manage multiple sources each with their own dedicated token. The ability for clients to create, manage, and deactivate sources at will via our interface adds an additional layer of control, ensuring that tokens can be invalidated as necessary for security or operational reasons. Our security approach is tailored to the diverse needs of our clients. We focus on providing a secure, efficient, and user-friendly experience. Our choice of HTTPS and token-based authentication aligns with our commitment to delivering robust security while ensuring ease of integration and operational flexibility for our clients. This approach is chosen over more complex systems like Mutual TLS (mTLS), OpenID Connect (OIDC), or IP filtering.
Currently the batch endpoint is not publicly open, please contact us if you want to be part of the closed beta.
The batch method lets you send a series of event requests in a single batch, saving on outbound requests.
There is a maximum of 500KB per batch request and 32KB per call.
The BATCH API's collect endpoint is available at the following URL:
Example of an API request:
Find details on best practices in event naming as well as the event method payload in our .
The format of the payload evolved on Nov. 2022. The old format will still be supported during one year. .
The endpoint returns a 200 HTTP response to all API requests. Thus, debugging should be done using the platform interface or our (event inspector or event delivery API).
There is no real rate limit above which the system will discard your data. But if you need to import at a rate faster than 500 requests per second, please beforehand.