Knowledgebase

Issue: You would like to change the position of the form button. (Typical case: You've just changed the button color of the form and now you want to change the position.) Please ensure that you have access to an experienced Web developer. Marketo Technical Support is not set up to assist with troubleshooting code. Solution: Add css style using adding the margin-left property referencing  the button. The following code snippet can be a positive or negative number to shift the button left or right. Typically if you used the button solution, add the margin-left property as in the screen shot - or add the code below in a custom html block. Code snippet: <style> div.buttonSubmit input, div.buttonSubmit span { margin-left: 50px; } </style> Related Articles How to move the form button up or down using CSS Forms 1.0 - Change the Style of the Submit Button

Issue: You would like to change ths position of the form button up or down. (Typical case: You've just changed the button color of the form and now you want to change the position.) Please ensure that you have access to an experienced Web developer. Marketo Technical Support is not set up to assist with troubleshooting code. Solution: Add css style using adding the margin-top property referencing the button. The following code snippet can be a positive or negative number to shift the button up or down. Typically if you used the button color solution add the margin-top property as in the screen shot or add the code below in an additional custom html block. Code snippet: < style> div.buttonSubmit input, div.buttonSubmit span { margin-top: 50px; } < /style> Related Links: Change Submit Button Style and Color How to move a form button left or right using CSS

NOTE: As of late-2019, a Secured Domains 'base' offering is now automatically included in all new customer subscriptions, and existing customers upon next renewal. This secures your first landing page domain and first tracking link domain. To make any domain changes, or purchase coverage for additional domains, please contact your Marketo Engage Customer Success Manager (CSM) for more information.   Marketo’s Secured Domains for Landing Pages secures any and all landing page domains defined in your instance to be served via HTTPS. Serving your pages securely assures that you’re providing critical security and data integrity for both your pages and your visitors’ personal information.   Below you’ll find the 5-step process to secure your Marketo landing pages with Marketo’s Secure Domains for Landing Pages. Please note, there is an automated support case that gets created on your behalf when the purchase of Secured Domains for Landing Pages is completed.     Step 1. Verify your Landing Page Domain, CNAMEs and any Domain Aliases are setup Before you can secure your landing page domains and any domain aliases (subdomains), you must first set these up in Marketo. If you are a new Marketo customer working through your implementation, please work with your implementation consultant on the landing page domain(s) setup and timing to cut over to HTTPS. If you’re securing your landing page domains for a previously implemented instance, please verify that your domains and domain aliases (subdomains) are set up in your instance. Below are some links to help: Edit Landing Page Settings – to set you Landing Page Domain Customize Your Landing Page URLs with a CNAME – to understand and set up CNAMEs (subdomains) Add Additional Landing Page CNAMEs – to set up multiple CNAMEs in your instance (subdomains) Be sure your redirect rules and domain aliases are updated to use https:// instead of http://    Step 2. Edit and update the HTML code of your existing landing page templates to HTTPS Next, you'll need to review and update your Marketo landing pages to ready them to be served securely. Please complete the following two actions in order before moving on to Step 3: If you purchased Marketo before January 2016, please un-approve and immediately re-approve all landing pages last updated before January 2016. This can be done in bulk in the Landing Pages section of Design Studio by selecting a group of pages for un-approve/re-approve via the “Landing Page Actions” menu. We recommend completing this step in batches of a maximum of 10-20 pages at a time. Instructions for doing so can be found here: Approve Multiple Landing Pages at Once - Marketo Docs - Product Documentation. You can see the "Last Updated" timestamp in the Landing Pages section of Design Studio. Open the HTML code for each landing page template. Change all URLs listed in the HTML currently formatted as "http://" to instead read "https://" TIP: Ctrl+F "http" to automatically highlight all URLs that must be updated: Simply add "s" after each http reference until ALL have been updated to https Missing even one URL's http reference will cause the "Mixed Content" browser warning:  vs.  SAVE THE PAGE AS A DRAFT Do not approve the draft. You will approve the drafts after Support activates SSL in Step 4. NOTE: Once you secure your Marketo landing pages to be served over HTTPS, you should not link to HTTP (unsecured) assets or pages from your secured landing pages.   For more detailed guidance, please see our recorded instructions below         Step 3. Respond to the TSE via the existing support case The TSE will then begin the process on our end to generate certificates to cover all the domains and subdomains configured in your instance. Once notified, please allow 3 business days for Marketo to create your secure server endpoint. Marketo's Support team will contact you when this is complete. We appreciate your patience during this 3-day setup process.   Step 4. Marketo Support Will Activate Your Secured Domains for Landing Pages Once we've generated and issued the necessary SSL certificates for your domains, we'll notify you that it is done and activate SSL for your Landing Pages. NOTE: There will be a brief "cut-over" period between when HTTPS is enabled by the TSE and when you are able to complete Step 5 below. During this time, landing pages may show up to customers with a mixed-content warning; however, all links and emails will continue to work properly without disruption, and your customers are not at any risk. Be ready to complete Step 5 quickly once instructed to minimize this period. Step 5. Re-approve your landing pages and verify success Once your Support Engineer has activated the switch to HTTPS for your instance, you must immediately take the following actions: Approve all draft pages that you edited from Step 2 above. This can be done in bulk in the Landing Pages section of Design Studio by selecting a group of pages to approve via the “Landing Page Actions” menu. If you include a Marketo landing page on a secure website using an iframe, you will need update the HTML to load the secure version of the landing page, otherwise the end user will get a security warning. Verify your pages are loading and rendering as expected. Contact Marketo Support with any issues you may encounter.     Questions & More Information For more detailed information, please see the Secured Domains Technical FAQ.     Is this article helpful ? YesNo

  NOTE: In order to manage authorized support contacts you must be set up as a SUPPORT ADMINISTRATOR on your support entitlement with Marketo.   IMPORTANT BEFORE YOU FOLLOW THE STEPS BELOW: Our system is particular about how each User needs to access the Support Portal. Simply going straight to the nation.marketo.com will not have the desired result. Each User must access the Support Portal from your instance and set up their profile first. This can be done by logging into your Marketo instance and either clicking on the Community button in the upper right-hand corner of your instance. The user will be brought to a page where they will need to pick their Username and fill in their First & Last name and then save.  Users will not show up in the list of available users to be added as Authorized Support contacts until these steps are completed. Below is an example image of the community link each user must click:       This will bring you to the Community page (https://nation.marketo.com/), where they can complete their profile set up. This community button is also how you will reach the Support Portal to create cases if you are an Authorized Support Contact   From the Support page Support Admins will proceed to follow these steps to manage Authorized Contacts:   1. Log into the Marketo Community and click Support.     2. Click Manage Authorized Contacts to approve or disapprove authorized contacts. (Reminder: This button will not appear unless you are the Support Admin for your Support Entitlement)     3. The top of the Manage Authorized Contacts page provides information about contact totals. If the Allow Marketo Support to Add Authorized Contacts is checked, it means that the customer has granted permission to Marketo Support to add authorized contacts.     4. To authorize a contact, check the Is Authorized checkbox next to the contact's name.  In order to appear on the list of available contacts, the user must have clicked Community (while logged into Marketo) at least once and created a profile.     5. To un-authorize a contact, click the Authorized checkbox next to a contact name to clear the checkmark. Click OK in the popup.      If a contact on the list is no longer an employee at your company or that person does not need to manage cases, you can remove a contact from the listing entirely, by deselecting the Authorized box, and selecting the No Longer checkbox. Click OK in the popup.         Great! You can now manage Authorized Contacts for your account.  

Included in this article   Overview Data you’ll get from Email Bounces Bounce Categories Hard Bounces Soft Bounces Bounce Details Building the Directory 1. Create 6 custom fields 2. Create a Program to house everything 3. Create a Static List 4. Create two Smart Campaigns Smart Campaign One - Logging Email Bounces with Bounce Details Smart Campaign Two - Remove Leads From the List After Successful Deliveries 5. Create Custom List View Showing Bounce Details   Overview Bounce activities carry details for why the email was bounced, but it’s housed within the activity log entry, not in a field on the lead record, so it’s difficult to export that data. This article will show you how to extract that information to create a directory of leads bouncing emails and how to make the list automatically update. This will also create counters for bounces and successful re-deliveries after bounces happen.   Data you’ll get from Email Bounces Bounce Categories Email bounces come in different types depending on why the email was bounced; Hard Bounces or Soft Bounces.   Hard Bounces Hard Bounces come in two types, Category 1 and Category 2. Category 1 bounces are emails that have been marked as spam by the recipient mail server. Many email servers monitor blacklists or spam traps, so after de-listing with them, leads that have had a Category 1 bounce previously may be able to receive emails again. Category 2 bounces occur due to an email address that is invalid or doesn’t exist.   Soft Bounces Soft Bounces come in three different types, Categories 3, 4 or 9. Category 3 bounces are usually temporary, caused by full mailboxes, timeouts, or throttling. Any email with this designation has been retried for up to 24 hours (36 for AOL). Category 4 bounces are caused by technical problems, Transient Failures, Admin Failures, DNS Failures. Any email with this designation has been retried for up to 24 hours (36 for AOL). Category 9 bounces are unknown, undetermined or gibberish details. Any email with this designation has been retried for up to 24 hours (36 for AOL).   Bounce Details When an email is bounced, the recipient mail server includes details of why it was bounced. These are created by the admin of the recipient mail server and vary greatly, but most will give some explanation that can give valuable information. Email Bounce Codes   Building the Directory   1. Create 6 custom fields You’ll need 6 custom fields, two DateTime fields, two Score fields, and two String fields Name the DateTime fields “Bounce Date” and “Email Delivered After Bounce”. Name the Score fields “Email Bounces” and “Deliveries After Bounces” Name the String fields “Email Bounce Details” and “Email Bounce Category” Directions for creating Custom Fields can be found here: Create a Custom Field in Marketo   2. Create a Program to house everything Use a default program type and name it "Directory of Leads Bouncing Emails". Info on creating programs can be found here: Create a Program   3. Create a Static List This static list will be your actual directory that contains all of the leads that are currently bouncing emails. Name it "Active Bounce List". Info on creating a static list can be found here: Create a Static List   4. Create two Smart Campaigns These two Smart Campaigns are what will be used to add and remove leads from your active bounce list. Info on creating Smart Campaigns can be found here: Create a New Smart Campaign     Smart Campaign One - Logging Email Bounces with Bounce Details Your first Smart Campaign will be used to listen for any email bounces that occur. The campaign will populate the “Bounce Date”, “Email Bounce Category” and “Email Bounce Details” fields. It will then add one point to the “Email Bounces” score field which can be used to count how many bounces have occurred per lead. Lastly, the campaign will add the lead to the static list which will be an active directory of leads who are bouncing emails.   Campaign Smart List Use the two triggers of “Email Bounces” and “Email Bounces Soft” in the Smart List. Set both triggers to “is any” so that they will fire whenever any email bounces for any reason.   Campaign Flow The Flow of the campaign will have 5 flow steps. The flow will use a System Token and some Trigger Tokens, which can be used to pull details out of the action that activated the trigger. In this case, the Trigger Tokens will be pulling out the details on why the emails were bounced. That info is in the bounce message and is logged in the lead's activity log. Normally you'd have to comb through the activity log one at a time to find these details for each individual lead. This method, however, will pull the details out automatically for all leads.   Flow Step 1: Change Data Value Attribute: “Bounce Date” New Value: {{system.dateTime}}   Flow Step 2: Change Data Value. Attribute: “Email Bounce Category” New Value: {{trigger.category}}   Flow Step 3: Change Data Value Attribute: “Email Bounce Details” New Value: {{trigger.details}}   Flow Step 4: Change Score Score Name: “Email Bounces” Change: +1   Flow Step 5: Add to List List Name: “Active Bounce List”   Smart Campaign Two - Remove Leads From the List After Successful Deliveries   Campaign Smart List The Smart List of the campaign will need a trigger for “Email is Delivered” set to “is any” and also a filter of “Member of List” looking just for leads that belong to your Static List. This way, the campaign will only apply to leads who have had an email bounce but have then had an email successfully delivered afterwards.     Campaign Flow The Flow of the campaign will have 3 flow steps to do the following; log when the email was delivered, add a point to the "Deliveries After Bounce" Score Field, and remove the lead from the "Active Bounce List".   Flow Step 1: Change Data Value Attribute: “Email Delivered After Bounce” New Value: {{system.dateTime}}   Flow Step 2: Change Score Score Name: “Deliveries After Bounces” Change: +1   Flow Step 3: Remove from List List Name: Operational.Active Bounce List   5. Create Custom List View Showing Bounce Details The custom fields you’ve created for email bounce information won’t show automatically in the view of your list. You can create a new view of the list to show just this information so that when it is exported it will give you only the email bounce information you need. Once the list has the necessary details, it can be exported with those columns included so that you can work with it. You can identify emerging trends and issues with your deliverability by looking for common themes among the bounce details. Directions for creating Custom Views can be found here  

With the evolving best practices and awareness around data privacy, Marketo will be upgrading how we handle form pre-fill. What change is being made? Starting April 24, 2019, Marketo will only pre-fill form fields if the URL used to navigate to the Marketo landing page contains a valid mkt_tok URL parameter value (which occurs when users click tracked links in Marketo emails). What that means is, any time a person is viewing a Marketo landing page with a form, the URL being used must contain the mkt_tok token in the query string, otherwise the form on that landing page will not be pre-filled. If the URL in the browser window does have a valid mkt_tok tracking token, then the form within the page will pre-fill as expected with data corresponding to the person record associated with that mkt_tok. Also note that if you are embedding Marketo Landing Pages within other web pages using an <iframe>, the mkt_tok would need to be passed from the parent page to the <iframe> URL if you intend for form prefill to work within the <iframe> ​How did it work before? Previously, Marketo landing pages would rely on Munchkin tracking cookies to identify known person records, and forms would pre-fill based on that cookie. Form pre-fill did not require being linked to a Marketo landing page from a tracked email link. Why is this changing? This upgrade is being made to provide a more consistent and more secure experience with Marketo’s forms. We have identified that, in the past, people have experienced scenarios where data pre-filled into a form didn’t always correspond with the actual person viewing the page. For example, people using a shared computer or those who may have been cookied incorrectly by clicking through a forwarded email, could end up viewing incorrect data associated with a different person. To provide a more consistent customer experience, and as a security enhancement, Marketo is upgrading the conditions under which the form pre-fill will display known customer information. In short, pre-fill will only work when users clickthrough links in Marketo emails, demonstrating that they have ownership of the email address associated with the known person record. Below is a list of different scenarios and how form pre-fill will work moving forward. Please note, these changes to form pre-fill will not affect any other functionality of Marketo Forms, including the progressive profiling feature. Scenario Will the form pre-fill? Notes Clicking a tracked link in a Marketo email to a Marketo landing page with a form which has pre-fill enabled Yes The email link must have mkt_tok enabled. Links that are not tracked or that have mkt_tok disabled will not work. Navigating directly to a Marketo landing page with a form which has pre-fill enabled No A direct link to the landing page will not have the mkt_tok present in the HTTP request. Refreshing a Marketo landing page with a form which has pre-fill enabled No The mkt_tok is stripped from the URL after Marketo Landing Pages load so refreshing the page will not include the mkt_tok in the URL. As a result, pre-fill will not work. Clicking a link in a sample email to a Marketo landing page with a form which has pre-fill enabled No The sample email will not have a valid mkt_tok attached to the link and so will not pre-fill the form. If you wish to test form pre-fill you will need to use a real email from a Marketo campaign. Navigating to a non-Marketo page that includes an embedded Marketo form which has pre-fill enabled No This behavior does not change with the upgrade. Pre-fill has never been supported for Marketo forms that are embedded on non-Marketo pages. Navigating to a non-Marketo page that includes an <iframe> pointing to a Marketo Landing Page that includes a form with pre-fill enabled With custom implementation The form within the Marketo Landing Page that is being loaded in the <iframe> will pre-fill if the mkt_tok value from the original HTTP request is passed along to the <iframe> URL Visiting a Marketo page with a mkt_tok that is not associated with the same person record as an existing Marketo Munchkin cookie currently stored on the browser No This will prevent the wrong person’s information from being displayed in cases where a computer is shared, or an email with a mkt_tok tracked link is forwarded to another person that may already be cookied as a known person in your database. Copying a Marketo tracked link from an email and sharing/pasting it externally (email, blog, chat, social media post, etc.) that enables another individual to click the tracked link Yes The tracked link in a Marketo email will redirect to a URL with the mkt_tok included, so anyone clicking this link will reach a page and see pre-fill data associated with the known person record from the “to” line of the email.

Issue How to test Facebook lead generation form functionality without viewing the advertisement on Facebook Solution Use the lead ads testing tool by clicking on the link - https://developers.facebook.com/tools/lead-ads-testing  to create a test lead. You should use this tool with a valid Facebook Ad Account. Login to Facebook with the same account you used to set up the integration with Marketo. Select the Page and Form you want to create a test lead from. Ensure the Marketo app (APP ID 1480829408843427) is diplayed on "WEBHOOK SUBSCRIPTION FOR THE SELECTED PAGE" section. Click on the "Create Lead" button. In the "WEBHOOK SUBSCRIPTION FOR THE SELECTED PAGE" Click on "Track Status" button which updates real time until you get a response from Marketo. If you do not have the "WEBHOOK SUBSCRIPTION FOR THE SELECTED PAGE" in Facebook, complete the following: Go into the Facebook Lead Ad Launchpoint service in Marketo and unselect all the pages. Finish the setup and save. Do not delete the Launchpoint service but de-select the pages Go back into the Facebook Lead Ad Launchpoint service and re-select the list of pages. Finish the setup and save. This will kick in the code that registers the webhooks on the pages again. It is important to go through step 1 first or the code will not re-register the page. Try creating a lead using the lead ad testing tool. In Marketo, the email address "test@fb.com" should be created.    

Update May 2021: Due to the release of CNAME Cloaking Defense with IOS and Safari 14 Munchkin cookies will be capped to a 7 day lifespan in Safari .   What’s changing? On February 21, 2019, Webkit announced the new release of Safari’s Intelligent Tracking Prevention (ITP), known as ITP 2.1 and ITP 2.2 shortly thereafter. With ITP 2.x, all persistent client-side cookies, i.e., non-session cookies created via JavaScript through document.cookie, are capped to a seven-day or one-day expiry.  Mozilla Firefox and Google Chrome have also announced their intent to conform to these new policies, though no details or dates have been released.   How does this impact Marketo? As a result of these changes to cookie policy, 7 days after their initial tracked visit to your domain, the Munchkin cookies of visitors using Safari (or future affected browser versions) created with the existing versions of Munchkin JavaScript will expire, and on subsequent visits they will be tracked as a new visitor.   How does Munchkin operate? On a person’s first visit to a page on your domain, a new anonymous person record is created in Marketo. The primary key for this record is the Munchkin cookie (_mkto_trk) which is created in the user’s browser.  All subsequent web activity on that browser is recorded against this anonymous record.  In order to be associated with a known record in Marketo, one of the following methods should be used: The person may visit a Munchkin-tracked page with a mkt_tok parameter in the query string from a tracked Marketo email link. The person may fill out a Marketo Form. REST Associate Lead call must be sent.   Once one of these actions is completed, the cookie and all its associated web activity will be associated with the known record.   How is Marketo planning to address ITP concerns? Marketo will implement a new web service to allow Munchkin cookies to be set with a Set-Cookie header via HTTP response, so that they may bypass the 7-day expiry cap imposed when setting cookies via JavaScript.   Do I need to do anything to take advantage of these updates? In order to leverage the new behavior and take advantage of the greater expiry period and tracking capabilities, ensure that you have configured the following: A Landing Page CNAME Secured Landing Pages (i.e. HTTPS) For external pages, you must have configured a Landing Page Domain or Domain Alias with a Top-Level Domain (TLD) matching the external domains which you wish to track For example, if you have pages on the domain www.example.com which are tracked, you must have configured an LP Domain or Alias which is a subdomain of example.com, like munchkin.example.com   What happens if I do nothing? Munchkin’s ability to track users across sessions on the same domain will remain limited by ITP to either 1 or 7 days based on the browser and browser version used by the visitor. As of this posting, this only affects visitors using the Safari browser, although Chrome & Firefox may follow suit with their own versions.   When will the solution be launched? These changes will begin as a staggered roll-out to customers who have opted into the Munchkin Beta channel in conjunction with the January 2020 Marketo release. Once the solution has been released to all beta customers, the roll-out to our entire customer base will begin in mid-to-late February. All customers should expect to have the solution by end of March 2020.   Google Chrome Update (Feb. 2020): Google recently announced that the Chrome browser will block all third-party cookies within two years; however, since Marketo uses 1st party cookies, this update regarding 3rd party cookies will NOT affect your Marketo tracking efforts. For further context about 3rd party cookies in general, and the industry shift away from using them, please see the following article for Adobe's stance across the Experience Cloud Solutions: https://medium.com/adobetech/an-adobe-perspective-google-chromes-announcement-on-the-future-limits-of-3rd-party-cookies-bbb7bb257fdb

Questions? Ask Support! Securing your Adobe Marketo Engage Landing Pages By default, Marketo Engage serves domains as HTTP, and historically we’ve given our customers the choice of whether or not to secure their Marketo Engage domains (HTTPS); however, in 2018, browsers enforced new security measures to better protect their users - one of which was to flag all non-secure (HTTP) web pages with a visible "Not Secure" warning (the unlocked pad lock icon in the address bar). This effectively shifted the choice of using secured (HTTPS) domains from a best practice to a requirement. Marketo Engage's Secured Domains solution secures any and all domains defined in your instance so they will be served via HTTPS.  For a full explanation of the benefits Secured Domains provides, in contrast with a basic SSL certificate, please see this Nation Post.   NOTE: As of late 2019, Marketo Engage changed it's pricing/packaging to now automatically include a base Secured Domains package with ALL subscriptions. This base offering secures the first landing page domain and first tracking link domain to provide all of our customers with the basic necessities of digital marketing. Should you use more than these two domains, they may be purchased a la carte, so customers only pay for what they need. Contact your Marketo Engage Customer Success Manager to purchase additional Secured Domains or discuss further.   Identifying Landing Page Domains in Your Instance Please note the below only covers securing your Landing Page domains. For steps on how to secure your Tracking Link domains, please visit this Nation Post.   New Subscriptions: If you’re a new Marketo Engage customer with a new subscription, one of the steps in setting up your instance is to set your CNAMES, landing pages domain name, and any domain aliases. For more information see, Customizing Your Landing Pages URL with a CNAME and Adding Additional Landing Page CNAMEs. Once this is done, you’ll be ready to count the unique domains (as described below) and initiate the Secured Domains provisioning process through Support.   Established Subscriptions: Have you had your Marketo Engage subscription for a while and want to know how many landing page domains you have configured in your instance? If you’re a Marketo Engage Admin, you can see your landing pages domain name and domain aliases by navigating to: Admin console > Integration > Landing Pages   On the Landing Pages tab, you’ll see your landing pages Domain Name. In the example www.info.mycompany.com, the first part of the URL (info.) is your CNAME and the second part (mycompany.com) is the top-level domain (TLD). Marketo charges per unique top-level domain - i.e. only the orange part.   Next, you’ll also need to check the Rules tab and look for Domain Aliases.   It’s important to note that when it comes to securing your Marketo Engage landing pages, the Secured Domains for Landing Pages process will secure all of the domains in your instance. It’s an all-or-nothing action, meaning you cannot chose which domains to secure for HTTPS and which to leave HTTP.  And don’t worry – we’ll count these up for you so we can scope your subscription correctly.   The Secured Domains Provisioning Process The process to secure your landing page domains includes steps that must be completed on Marketo Engage’s side as well as steps that you’ll need to complete in your instance prior to us enabling HTTPS.   First, you'll need to configure your domains, choose a CNAME, and point it to your unique Marketo domain (i.e. prefix.mktoweb.com). These first-time-setup instructions can be found here.   Then, you'll need to contact Marketo Support to complete the process. NOTE: Domains are NOT automatically secured once they're configured in your instance - you MUST contact Support for any domain changes!   On our side, we’ll first provision your prefix.mktoweb.com domain on Cloudflare servers, then complete the secure handshake validation between DigiCert and Cloudflare to provision the necessary SSL certificates to serve your landing pages over HTTPS.   On your side, to ready your instance for the conversion to HTTPS, you’ll need to review, update and re-approve your landing pages: Change all images, JavaScript files and other external links in landing pages to HTTPS. Pages with HTTP links may display an “Insecure Content on Secure Pages” error. You can read more about that here: What Exactly Is a Mixed Content Warning? If you include a Marketo Engage landing page on a secure website using an iframe, you will need update the HTML to load the secure version of the landing page, otherwise the end user will get a security warning. If you use a Marketo Engage Form on a non-Marketo Engage page, you will need to update the follow-up URL to HTTPS if you’ve explicitly referenced a HTTP page.   Once you’ve completed the steps above, it’s time to coordinate the cut-over to HTTPS with Marketo. You’ll need let Marketo Engage Support know that you’re ready to initiate the cut-over process.   NOTE: To help ensure a smooth transition, please confirm with your IT team that they have NOT placed a CAA against DigiCert on your top-level domain (this grants permission to only specific vendors to issue SSL certificates to your domain). We’ll work with you to plan a time when you have few or no upcoming batch campaigns running, and also a time when your team is available, if needed, to make a few updates in your Marketo instance.   RECOMMENDATION: After the cut-over, you may notice that images are not displayed in the Marketo Engage email editor or preview mode. Rest assured your emails will send correctly and the images will render for recipients. To see the images in Marketo Engage, you must adjust the image URLs from HTTP to HTTPS in the editor. Again, whether you take this step or not, the images will render properly for your email recipients.      That’s it! Once our team enables Secured Landing Pages for your instance, your landing pages will be served via HTTPS. Of course, it’s a good idea to do some validation of your pages after the cut-over to be sure your pages are loading correctly, images are loading, and that you didn’t miss any hard-coded HTTP links. Moving your pages to HTTPS, you can rest assured that you’re providing critical security and data integrity for both your pages and your visitors’ personal information. Good job, you!   OTHER HELPFUL FAQs Cloudflare has blocked my domain from being secured by Marketo Engage. What does this mean and how do I resolve it? Cloudflare takes security steps on their SSL for SaaS v2 platform used by Adobe Marketo Engage to ensure domains belonging to the internet's most popular brands and websites are not issued SSL certificates without explicit permission from it's owner. Cloudflare pulls from the list of the top 1 million domains on the internet from Tranco to determine which domains it will block from securing without consent.   Adobe does not control the content of this list and cannot make changes to add or remove your domain. If your domain is on this list, Customer Support may report that your domain is unable to be secured without taking extra steps. Your business may either: Request a certificate from LetsEncrypt instead of Digicert. LetsEncrypt offered certificates do not have the same restrictions. Submit a Letter of Authorization with your request to Customer Support. This must be a signed letter on company letterhead confirming that your company authorizes Adobe Marketo Engage to secure your requested subdomains. Do I need to provide a TLS/SSL Certificate? No, in fact, to avoid the unnecessary hassle, risk and fire drills caused by expired certificates, Marketo Engage now only accepts customer-provided certificates on an exception-only basis. The certificates included with Secured Domains auto-renew annually without any human interaction on either side.   What Certificate Authority (CA) issues the certificates for the Marketo Engage’s Secured Domains? The certificates are authored by DigiCert.   What type of certificate is provided? We produce a pack of two certificates; The primary certificate uses a P-256 key, is SHA-2/ECDSA signed, and will be presented to browsers that support elliptic curve cryptography (ECC). The secondary or fallback certificate uses an RSA 2048-bit key, is SHA-2/RSA signed, and will be presented to browsers that do not support ECC.   Will my domains be on a shared SSL certificate with other companies? Absolutely NOT! That's like sharing the same car lock with other people - avoid dealing with vendors who offer this service. Each of your domains will get its own certificate, meaning you will not be on a shared certificate with other companies.   Will all the subdomains be covered? Marketo Engage defines a subdomain interchangeably with CNAME for billing purposes. As an example, with your company.com domains, the subdomains go.company.com, info.company.com, help.company.com etc. would could as 3 unique subdomains. Please keep in mind that company.com, company.com.uk, company.com.ca are separate top-level domains.   Can I choose which domains/subdomains to secure? Securing your domains is all-or-nothing, meaning the process automatically secures all domains/subdomains you've set up in your instance. If you do not use or need old domains lingering in your instance, be sure to delete them so you're not charged.   If I have a CAA record, can it affect my certificate issuance? Yes, CAA records MUST be configured to allow DigiCert issuance, or else we will be restricted from issuing one. Please check with your IT team to ensure this is not a blocker. Further information: https://www.digicert.com/dns-caa-rr-check.htm   Can I provide my own SSL certificate to secure my domains? Not unless they are the Extended Validation (EV) certificate type. If not, but your IT team has instructed you they must manage them, please reach out to your CSM with the business use case and any details to request an exception. Please note this only causes additional risk, hassle, time, and effort on all parties.   We require an Extended Validation (EV) certificate. Can the Secured Domains for Landing Pages product accommodate this? Since the certificate provided with Secured Domains is not an Extended Validation (EV) type, Marketo Engage absolutely allows customers who require this (typically healthcare, finance, government) to procure the EV certificate/private key and provide this to Marketo Engage Support; however, please note you will then be 100% liable for managing/renewing/sending Marketo Engage the new certificate with ample time to install it to avoid expiration. Expired certificates will not be categorized as a P1.   What Marketo Engage configuration is required to complete the Secured Domains setup? One or more CNAMEs for the Marketo Landing Pages must be configured in the Admin section of the application as described here: Setup Steps - Marketo Docs - Product Docs   How many domains can I secure? Technically, as many as you like. However, please note there is an additional cost associated with secured multiple domains beyond the first two covered by the base offering.   If I am using Domain Aliases in my Marketo Engage subscription, do I have to secure each of these? Securing your Marketo Engage landing pages requires you to secure all domains used in your instance including your Domain Aliases.   How do I see the Landing Page domains in my instance? Marketo Engage Admins can see your landing pages domain name and all domain aliases by clicking on Landing Pages in the Integration section of the Admin console. On the Landing Pages tab, you will see your full Landing Page Domain Name. On the Rules tab, you will find all Domain Aliases set up for your instance. For the Secured Domains for Landing Pages you will need to count the number of domains used in your instance. When counting domains, please provide the number of unique top-level domains – only the orange part here: www.info.mycompany.com Are Domain Aliases for different countries counted separately? When counting domains, you might have the same CNAME but unique top-level domains: info.mydomain.com, info.mydomain.au, info.mydomain.de. Even though the CNAME is the same, the top-level domains (mydomain.com, mydomain.au and mydomain.de) are unique and thus counted as such (3 total domains). Vice-versa, unique CNAMEs (info., go., pages.) with the same top-level domain (mycompany.com) are considered subdomains of a single top-level domain.    Will URLs to the existing non-secure (HTTP) Marketo Engage Landing Pages continue to work? Your existing HTTP URLs will continue to work and will automatically be redirected to the secure (HTTPS) pages. There are only few situations where you may have to manually update the URL, specifically when you include a Marketo Engage landing page on a secure website using an iframe. In this case, you will need to load the secure version of the landing page, otherwise the end user will get a security warning.   Does securing my Marketo Engage landing pages also secure my corporate website? No. Marketo Engage Secured Domains only affects the landing pages served by Marketo, because the underlying domain is technically a Marketo Engage domain (i.e. your CNAME 'points' to prefix.mktoweb.com). It does not affect any pages on your corporate (non-Marketo) website.   If I don’t use Marketo Engage Landing Pages, do I need Secured Domains for Landing Pages? Most likely, as there are many aspects of Marketo Engage that rely on your domains being secured, such as assets and images. Further, if you are embedding Marketo Forms on secured non-Marketo Engage webpages, the default form code snippet that Marketo provides uses //[munchkinID].mktoweb.com which is a Marketo domain that can be served securely on a HTTPs parent page (the // indicates the request will use whatever protocol the parent uses). With this, your Marketo Engage form will take on the security level of the page it’s embedded on regardless of whether you’re using our Secured Domains for Landing Pages product.    Will the Munchkin JavaScript API also be encrypted via SSL? Calls to the Munchkin JavaScript API automatically switch to SSL if the page on which the calls are made is SSL encrypted.   Can I add additional Domains to my instance and secure these too? Once you’ve secured your landing page domains with the Secured Domains for Landing Pages process, you will need to contact Marketo Engage when adding additional domains/domain aliases. Please contact your Marketo Engage Customer Success Manager. There is an additional a la carte charge depending on the number of domains you are adding.   Do I need to secure my tracking links as well? If your company enforces HSTS (a web directive that denies any redirects from HTTP links), you WILL need to also secure your Tracking Links for your recipients' email->landing page functions correctly. For more information on HSTS and Marketo subdomains, please see the following documentation SSL: The HSTS Policy and Your Marketo Subdomains If not, Marketo still recommends using secured links as a best practice, as it can help with deliverability and avoid spam traps; plus, it looks far more professional to have secured links, and can foster brand confidence when your recipients know their email->web page redirect is fully secure.   For additional questions on anything technical, just ask the Marketo Support team! If it's a pricing or commercial question, please reach out to your Customer Success Manager.

Overview Beginning August 15, 2018, Marketo will implement a new policy for the retention of marketing activity data. Under this policy, Lead Activity and Campaign Membership data will be stored for a rolling 25 months past the activity date, and certain high-volume activity data will be retained for a rolling period of 90 days past the activity date. Beyond these retention periods, this data will not be available.   This change in retention will enable Marketo to continue to meet the performance demands of its customer base while providing clear expectations for data retention across the platform.   Customers who wish to export marketing activities that are older than 25 months or high-volume activities that are older than 90 days should do so before August 15, 2018. After this date, Marketo will apply the new retention policy and the older data will no longer be available.     Summary of Changes There are three components to the data retention policy: a retention period of 14 days for one activity, 90 days for twelve high-volume activities; and a retention period of 25 months for all other activities.     Activity with 14-Day Retention Period Activity Retained for 14 Days Delete Lead     Activities with 90-Day Retention Period The high-volume activities listed below will be retained for 90-days. After 90-days, all such activities will be permanently deleted. Activities Retained for 90 Days    Add to List Change Score Change Data Value Visit Webpage Click Link on Webpage Sync Lead to SFDC Sync Lead to Microsoft Sync Lead Updates to SFDC Update Opportunity Request Campaign Email Delivered* Send Email*   * Email Delivered and Send Email activities changed from 25 months to 90 days effective August 31st, 2020.  More information here.     Activities with Minimum 25-Month Retention Period The activities listed below will be retained for 25 months. After 25 months, all such activities will be permanently deleted. The only exception is the New Lead activity, which will always be displayed in the activity log. All other activities will be deleted, but the New Lead activity will not, giving you a permanent record of when the lead was created and how. Category Activities Retained for 25 Months Web Click Predictive Content Click RTP Call to Action Fill Out Form Smart Campaign Add to Engagement Program Call Webhook Change Lead Partition Change Engagement Program Cadence Change Engagement Program Stream Change Program Success Change Revenue Stage Change Revenue Stage Manually Change Program Member Data Change Program Status Compute Data Value Enrich with Data.com Execute Campaign Interesting Moment Merge Leads Remove from List Resolve Ruleset Reward Test Group Variant Schedule Test Variants Send Alert Engagement Program Cast Push Lead to Marketo Social Click Shared Link Share Content Vote in Poll Email Click Email Email Bounced Email Bounced Soft Open Email Received Forward to Friend Email Sent Forward to Friend Email Unsubscribe Email CRM - Salesforce Add to Opportunity Add to SFDC Campaign Change Owner Change Status in SFDC Campaign Click Sales Email Convert Lead Delete Lead from SFDC Lead Assigned New SFDC Opportunity Open Sales Email Receive Sales Email Remove from Opportunity Remove from SFDC Campaign Resolve Conflicts SFDC Activity Sales Email Bounced Send Sales Email SFDC Activity Updated SFDC Merge Leads Add to Case Add to SFDC Custom Object Test (Contact) CRM - Microsoft Dynamics Add to Opportunity (Contact) Add to Opportunity (Account) Remove from Opportunity (Contact) Remove from Opportunity (Account) Update Opportunity (Contact) Update Opportunity (Account) Delete Lead from Microsoft Segmentation Add to Segment Change Segment   Once this data retention policy goes into effect, Marketo will enact the following: Activities will be available via the Marketo UI or for REST API Bulk Extract for 25 months from the activity date. Activity data in reports for campaigns, forms, emails, or website visits will be available for 25 months from the activity date. Activity data from decision rules in Smart Lists will be available for 25 months from the activity date. Smart Lists and Smart Campaigns will be able to access data for 25 months. Engagement programs will still not send the same email to a lead again for at least 25 months after the first email send activity date.   Marketo Data Retention Policy You can see the Marketo Data Retention Policy in the Marketo Community here: Marketo Activities Data Retention Policy   Frequently Asked Questions   What Happens Next? You have until August 15, 2018 to export any of your existing, historical (older than 25 months) marketing activity data. After this date, Marketo will apply the data retention policy to marketing activities on an ongoing basis.     What do I need to do? No action is required unless you wish to store activity data that was generated more than 25 months in the past. If you need to retain data that is older than 25 months, you should export it via the REST API Bulk Extract before August 15, 2018.   If you would like to store the activity data from the high-volume activities, you should export it within its 90-day retention period.   For additional help, you may want to engage a technology partner from the Marketo LaunchPoint Partner ecosystem or contact Marketo Professional Services.     What's in it for me? Your individual benefits from this data retention change will depend on your usage. Generally, users of the Marketo platform may see performance-related improvements, such as: Smart Lists can process faster. Filters for activities (such as email opens or website visits) won’t need to query multiple years of historical data, making the search time shorter. Emails will send faster. Since Smart Lists will process faster, campaigns will qualify members faster and email batches will take less time to assemble. Lead scoring will happen faster. Activity that contributes to lead scoring will be processed faster. REST API and campaigns will execute faster. Without a large amount of historical data to process, your campaigns will execute faster and REST API calls will speed up.     Will this affect my reports? You'll see changes if you attempt to run a report on lead activity beyond the retention period. Your reports will show up to 25 months’ worth of data, but data beyond the activity retention period will no longer be available. For more detailed information, please see our documentation here: Marketo Activities Data Retention Policy – Impact on Reporting     How will this affect my contact data? The new data retention policy will not change the way Marketo stores field values within Lead, Account, or Custom Object records. The retention policy change applies to the activities logged in the activity log. The field values (attributes) in the record won’t be affected.   Example: Say a lead has a Change Data Value activity that inputs an address into the Address field. The address itself that is entered into the Address field will not be affected. However, the Change Data Value activity that is logged in the activity log will only be retained for 25 months, after which it will be deleted.     Will there be any change to lead scoring? Activities that affect lead scoring (including those from emails, forms, or campaigns) will be available for 25 months. Beyond that period, the activities will not be retained and won’t affect lead scoring. The existing score won’t be changed when the activity is deleted.   Example: Say a lead visited your pricing page one time in 2014 and a Smart Campaign changed the score +5 for the activity. Four years later, the lead will still have the score of 5, but the activity that generated the score change will have been deleted.   For most, the value of activities that happened over two years ago isn’t as great as the value of more recent activities. The usefulness of activities affecting scores decays over time, so the overall impact should be minimal.     How will this affect marketing assets? The new data retention policy will not change the way marketing assets (such as campaigns, forms, emails, etc.) are stored. The data policy change applies only to activities, not the assets within your Marketo instance.     Does this include Custom Activities? Yes. Custom activities are included in the new data retention policy. All activities, even custom activities, will be deleted after 25 months.     How will this affect global unsubscribe? The new data retention policy will not affect global unsubscribe status. Even after the unsubscribe activity moves beyond the retention period date and is deleted, the lead’s Unsubscribed status is kept as a lead attribute, and is retained in the Durable Unsubscribe.     How do I tell when an anonymous lead record was created and when it became known? There are two places in lead records where info is stored for when it was created. In the lead’s activity log, the “New Lead” activity records when a lead became a known lead. This activity is the only one that is not deleted after 25 months. The “New Lead” activity will always be retained in the activity log, even after others are deleted. In the Lead Info tab of the lead record, the first attribute listed is “Created”. This gives you the exact date and time when the lead record itself was first created. If the lead was anonymous first before becoming known, this will give you the date and time of the first anonymous activity.     Will there be any change to my CRM sync? Any activity that was synced with your CRM prior to the new data retention policy will remain stored in the CRM and should not be changed. However, some information within Marketo Sales Insight could be affected. See our “Under the Hood” documentation for more details. Marketo Activities Data Retention Policy - Under the Hood     How does this impact those in the financial services industry? Due to the very specific data retention requirements for customers in the financial services industry, we highly encourage such customers to implement their own processes to retain and archive data. If needed, you can purchase an Extended Data Retention subscription, which extends data retention to a period of 37 months (please note, the Extended Data Retention subscription does not apply to high-volume activity data which is retained for 90-days). Records can also be exported through REST API Bulk Extract.     What if I use the activity data in some of my calculations? Using the raw activity data as a transactional data store is a practice that should be avoided for performance reasons. Instead of this approach, best practices for typical use cases include the following: Purchase History: Historical data such as "Purchases in the last 6 months" are often used as indicators of customer engagement. But querying the amounts from the activities each time will slow your trigger campaign performance. Instead, consider a weekly scheduled batch campaign which calculates the data and stores it as a custom attribute on the Lead. Preference/subscription history: Customer preferences and subscriptions change over time. These are frequently updated via a form, and in some cases, you might want to retain either the modified time stamp or the prior settings. However, using the raw form activities is not advisable. Instead, if you're tracking subscriptions, use either a custom attribute (for one preference) or custom objects (for multiple preferences or subscriptions). You can also use those tools to store the modification time stamp and even the previous value if necessary, though you should consider carefully how far back you really need to retain such information. Relationship marketing: Certain industries, such as Wealth Management or Consulting, have long-term relationship strategies in place. The engagement campaigns might have been set up to depend on the activities to signal that certain events have occurred. For example, an introductory or sign up package might have been sent several years ago. Instead of using the activity, have the date that activity occurred stored as a custom attribute on the Lead.     Are there any options to retain my data longer than 25 months? If you need to retain your data longer than 25 months, you have two options: You can purchase the premium Extended Data Retention subscription to retain your activity data for 37 months. Talk to your Customer Success Manager for more information. NOTE: The Extended Data Retention subscription cannot be applied to the high-volume activities. Those activities will still only be retained for 90-days. You can use REST API to bulk export your data and retain it yourself. The REST API documentation containing directions for bulk exporting can be found in our REST API Bulk Extract article.     What kind of data can I export using the REST API Bulk Extract? You can use a REST API call to retrieve the list of standard activity types; the call is documented in our REST API Bulk Extract article. Additional information about REST API calls can be found in REST API.     Is there a way of opting out of this policy? In order to ensure that our customers continue to receive the best level of performance from the platform, all Marketo customers will be subject to this data retention policy.     Where Can I Find More Information?   Activities Data Retention Update Webinar In the webinar, you'll get an introduction to the updated Activities Data Retention Policy, affects across Marketo, and options for extending the data retention period and/or exporting activities data. Also includes Q&A from the live session: Marketo Activities Data Retention Policy Update Webinar   Overview & FAQ Documentation This doc will give you an overview of what the policy changes and answers to the most commonly asked questions: Data Retention Policy Change - Overview & FAQ   Marketo Activities Data Retention Policy The official Marketo Data Retention Policy can be found here: Marketo Activities Data Retention Policy   Data Retention Policy - Impact on Reporting See how your Analytics reports will operate after the new policy goes into effect. Marketo Activities Data Retention Policy – Impact on Reporting   Under the Hood Documentation This document will give you all of the details of exactly what is happening. If you're looking for in depth technical details, this is the go-to document to check out! Marketo Activities Data Retention Policy - Under the Hood   Ways to store activity data beyond the retention policy Here are two docs that give possible work arounds you can try Storing Activity Data Beyond Retention Policy Maintaining a Directory of Leads Bouncing Emails   Bulk Extract API Check out the documentation here to find out how to use the Bulk Extract API   Contact Marketo Support If you have additional questions, please Contact Marketo Support

Overview Marketo launched the new Email Editor 2.0 with the Spring ’16 release. Email Editor 2.0 is fully backward compatible with Email 1.0 emails and Email 1.0 email templates and also provides a large number of added capabilities. For this reason, after June 18th Email Editor 1.0 and Email Template Editor 1.0 will no longer be available within the Marketo application. All Marketo subscriptions that have yet to enable Email Editor 2.0 will be seamlessly transitioned to Email 2.0 on this date. Note: This change is not tied to a Marketo Release. What are some benefits of using Email Editor 2.0? With Email 2.0, you will enjoy a more modern experience and even more capabilities when editing emails in Marketo. Here’s what you’ll see in your Marketo Engagement Platform: Modules: Defined at the template level, modules are sections that group content elements (images, text, etc.) you can add to your email assets. You can also clone the modules within your email asset, or place them in the most convenient location. Learn more about modules here: Add Modules to Your Email Variables: Email Editor 2.0 allows you to define variables within the email templates that you can reuse within the template or within email assets built based on the template. If necessary, users can modify the variable’s value when building emails. Variables come in several types like String, Color, Image, etc. We are confident variables will help you reduce errors and easily customize emails. Visit: Email Template Syntax - Variables for an in-depth review of email variables. Enhanced Editing Experience: The new Email Editor 2.0 also comes with an improved Email Previewer, which will allow you to see how your email would look like on a desktop and on a mobile device; a new Email Template Picker, so you can easily identify and select the template to start building emails, and a collection of fully responsive “Starter Templates” free of charge. For more information, please see our Email 2.0 Spring '16: Overview recorded session. Deprecation Details The ability to use the Legacy Email Editor 1.0 will be removed from the UI on June 18, 2019. Any emails created or edited after June 18, 2019 will automatically open the new Email Editor 2.0 version. Note that the Marketo APIs (Direct Writes & Clone Programs) will issue warning notifications to help you identify assets still needing to be upgraded to Email 2.0. Any 1.0 assets will still be usable in campaigns! They will simply be converted to the New 2.0 version the next time they are edited and approved (steps on how to do this are outlined below). While the UI will remove the option for users to create templates in the legacy editor, the APIs supporting the Legacy editors will not be removed from Marketo until the January 2020 release. Any assets that are not converted to the New Editor after January will not be usable and unavailable for conversion.  After deprecation, attempts to write to or clone Email 1.0 assets will result in errors instead of warnings. Recommendation We recommend that your team enables 2.0 and gets familiar with the newest email editor prior to the June 18, 2019 UI deprecation date, to not only ensure they’re comfortable continuing to build and edit assets in Marketo, but also take advantage of the enhancements and added features mentioned above.  Frequently Asked Questions (FAQ) How do I know which email editor I’m using? There are 2 ways to figure that out: 1. In the Email section within Admin, select the ‘Edit Email Editor Settings’ option. The application will display a dialog window and indicate the email editor configured for your Marketo subscription, as in the image below: 2. Edit an email asset and see what the editor looks like: Here’s the Legacy Email Editor: Here’s Email Editor 2.0: As a reminder, after June 18, 2019, any emails you created in Email Editor 1.0 will remain in your subscription and still function. However, you won’t be able to create any new emails with Email Editor 1.0. How do I convert my assets from using Email Editor 1.0 to 2.0? These steps below will guide you through converting any assets using Email Editor 1.0 to 2.0: 1. Confirm that you have enabled the New Editor (2.0) in your admin settings by navigating to the Admin Panel > Emails > Email Editor Settings > Select “New” > Save If you already are using the New Email Editor (2.0), then disregard this step 2. After identifying which assets require the conversion, please navigate to the asset in the Tree in Design Studio (or Marketing Activities if the asset lives in a program) 3. Right-Click on the Email and click on “Edit Draft” 4. The screen should now display the editor in the New Editor (2.0) 5. Make changes, if any are needed, and click “Approve and Close” 6. Now this email has been converted and you are free to use this email with Editor 2.0!