feat(audience-sdk): add getAnonymousId() and imtbl_aid URL param support#2881
Merged
Conversation
…ort (SDK-478) Enables cross-browser anonymous ID continuity for in-app browser → OS browser flows (e.g. Facebook in-app browser social login boot-out). getAnonymousId() exposes the current ID so callers can append it to OAuth redirect URLs; on init the SDK reads ?imtbl_aid= and adopts it as the canonical anonymous ID, then strips the param from the URL. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
✅ Pixel Bundle Size — @imtbl/pixel
Budget: 10.00 KB gzipped (warn at 8.00 KB) |
✅ Audience Bundle Size — @imtbl/audience
Budget: 24.00 KB gzipped (warn at 20.00 KB) |
|
View your CI Pipeline Execution ↗ for commit 1f953e3
💡 Verify your cache is correct by running tasks in a sandbox. Read docs ↗ ☁️ Nx Cloud last updated this comment at |
- Strip imtbl_aid unconditionally (before consent check) so the param never lingers in the URL at none consent or gets re-processed on upgrade - Add JSDoc to adoptAnonymousId noting callers are responsible for consent - Add URL stripping test for sole-param case (no trailing ?) - Add test confirming imtbl_aid is stripped even at none consent Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Strip imtbl_aid unconditionally (before consent check) so the param never lingers in the URL at none consent or gets re-processed on upgrade - Move adoptAnonymousId to @imtbl/audience-core/internal subpath export so it is no longer public API on the core index - Drop redundant any casts in new test assertions - Add URL stripping test for sole-param case (no trailing ?) - Add test confirming imtbl_aid is stripped even at none consent Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
bkbooth
reviewed
Jun 9, 2026
bkbooth
reviewed
Jun 9, 2026
…state - Validate imtbl_aid against UUID format before adopting — invalid values (empty, non-UUID, excessively long) are stripped from the URL but ignored - Fix replaceState call to use window.history.state instead of null, preserving SPA router state (scroll position, page data, etc.) - Add tests for invalid imtbl_aid cases and update test fixtures to use valid UUID values Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
bkbooth
approved these changes
Jun 9, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
When a user clicks a social login option inside an in-app browser (e.g. Facebook), they get booted to the OS browser to complete OAuth — and the Audience SDK mints a fresh anonymous ID in that new context, orphaning all pre-login attribution from the in-app session. This PR fixes that by giving callers the tools to carry the anonymous ID across the browser switch.
getAnonymousId()— exposes the current anonymous ID as a public method so integrators can append it to OAuth redirect URLs as?imtbl_aid=<id>?imtbl_aid=on init — the SDK reads this param on startup, adopts it as the canonical anonymous ID (writing it to the cookie), and strips it from the URL viahistory.replaceStateMirrors the same pattern Segment uses (
?ajs_aid=) and what theplayrepo already implements for Segment. No changes needed to the Pixel — it shares the same cookie and inherits the corrected ID automatically.Closes SDK-478
Test plan
imtbl_aidadoption, URL stripping,getAnonymousId()return value matching outgoing eventanonymousId, and thatimtbl_aidis ignored atnoneconsent🤖 Generated with Claude Code