Knowledgebase

Sort by:
Questions? Ask Support! Securing your Adobe Marketo Engage Landing Pages By default, Marketo Engage serves domains as HTTP, and historically we’ve given our customers the choice of whether or not to secure their Marketo Engage domains (HTTPS); however, in 2018, browsers enforced new security measures to better protect their users - one of which was to flag all non-secure (HTTP) web pages with a visible "Not Secure" warning (the unlocked pad lock icon in the address bar). This effectively shifted the choice of using secured (HTTPS) domains from a best practice to a requirement. Marketo Engage's Secured Domains solution secures any and all domains defined in your instance so they will be served via HTTPS.  For a full explanation of the benefits Secured Domains provides, in contrast with a basic SSL certificate, please see this Nation Post.   NOTE: As of late 2019, Marketo Engage changed it's pricing/packaging to now automatically include a base Secured Domains package with ALL subscriptions. This base offering secures the first landing page domain and first tracking link domain to provide all of our customers with the basic necessities of digital marketing. Should you use more than these two domains, they may be purchased a la carte, so customers only pay for what they need. Contact your Marketo Engage Customer Success Manager to purchase additional Secured Domains or discuss further.   Identifying Landing Page Domains in Your Instance Please note the below only covers securing your Landing Page domains. For steps on how to secure your Tracking Link domains, please visit this Nation Post.   New Subscriptions: If you’re a new Marketo Engage customer with a new subscription, one of the steps in setting up your instance is to set your CNAMES, landing pages domain name, and any domain aliases. For more information see, Customizing Your Landing Pages URL with a CNAME and Adding Additional Landing Page CNAMEs. Once this is done, you’ll be ready to count the unique domains (as described below) and initiate the Secured Domains provisioning process through Support.   Established Subscriptions: Have you had your Marketo Engage subscription for a while and want to know how many landing page domains you have configured in your instance? If you’re a Marketo Engage Admin, you can see your landing pages domain name and domain aliases by navigating to: Admin console > Integration > Landing Pages   On the Landing Pages tab, you’ll see your landing pages Domain Name. In the example www.info.mycompany.com, the first part of the URL (info.) is your CNAME and the second part (mycompany.com) is the top-level domain (TLD). Marketo charges per unique top-level domain - i.e. only the orange part.   Next, you’ll also need to check the Rules tab and look for Domain Aliases.   It’s important to note that when it comes to securing your Marketo Engage landing pages, the Secured Domains for Landing Pages process will secure all of the domains in your instance. It’s an all-or-nothing action, meaning you cannot chose which domains to secure for HTTPS and which to leave HTTP.  And don’t worry – we’ll count these up for you so we can scope your subscription correctly.   The Secured Domains Provisioning Process The process to secure your landing page domains includes steps that must be completed on Marketo Engage’s side as well as steps that you’ll need to complete in your instance prior to us enabling HTTPS.   First, you'll need to configure your domains, choose a CNAME, and point it to your unique Marketo domain (i.e. prefix.mktoweb.com). These first-time-setup instructions can be found here.   Then, you'll need to contact Marketo Support to complete the process. NOTE: Domains are NOT automatically secured once they're configured in your instance - you MUST contact Support for any domain changes!   On our side, we’ll first provision your prefix.mktoweb.com domain on Cloudflare servers, then complete the secure handshake validation between DigiCert and Cloudflare to provision the necessary SSL certificates to serve your landing pages over HTTPS.   On your side, to ready your instance for the conversion to HTTPS, you’ll need to review, update and re-approve your landing pages: Change all images, JavaScript files and other external links in landing pages to HTTPS. Pages with HTTP links may display an “Insecure Content on Secure Pages” error. You can read more about that here: What Exactly Is a Mixed Content Warning? If you include a Marketo Engage landing page on a secure website using an iframe, you will need update the HTML to load the secure version of the landing page, otherwise the end user will get a security warning. If you use a Marketo Engage Form on a non-Marketo Engage page, you will need to update the follow-up URL to HTTPS if you’ve explicitly referenced a HTTP page.   Once you’ve completed the steps above, it’s time to coordinate the cut-over to HTTPS with Marketo. You’ll need let Marketo Engage Support know that you’re ready to initiate the cut-over process.   NOTE: To help ensure a smooth transition, please confirm with your IT team that they have NOT placed a CAA against DigiCert on your top-level domain (this grants permission to only specific vendors to issue SSL certificates to your domain). We’ll work with you to plan a time when you have few or no upcoming batch campaigns running, and also a time when your team is available, if needed, to make a few updates in your Marketo instance.   RECOMMENDATION: After the cut-over, you may notice that images are not displayed in the Marketo Engage email editor or preview mode. Rest assured your emails will send correctly and the images will render for recipients. To see the images in Marketo Engage, you must adjust the image URLs from HTTP to HTTPS in the editor. Again, whether you take this step or not, the images will render properly for your email recipients.      That’s it! Once our team enables Secured Landing Pages for your instance, your landing pages will be served via HTTPS. Of course, it’s a good idea to do some validation of your pages after the cut-over to be sure your pages are loading correctly, images are loading, and that you didn’t miss any hard-coded HTTP links. Moving your pages to HTTPS, you can rest assured that you’re providing critical security and data integrity for both your pages and your visitors’ personal information. Good job, you!   OTHER HELPFUL FAQs Cloudflare has blocked my domain from being secured by Marketo Engage. What does this mean and how do I resolve it? Cloudflare takes security steps on their SSL for SaaS v2 platform used by Adobe Marketo Engage to ensure domains belonging to the internet's most popular brands and websites are not issued SSL certificates without explicit permission from it's owner. Cloudflare pulls from the list of the top 1 million domains on the internet from Tranco to determine which domains it will block from securing without consent.   Adobe does not control the content of this list and cannot make changes to add or remove your domain. If your domain is on this list, Customer Support may report that your domain is unable to be secured without taking extra steps. Your business may either: Request a certificate from LetsEncrypt instead of Digicert. LetsEncrypt offered certificates do not have the same restrictions. Submit a Letter of Authorization with your request to Customer Support. This must be a signed letter on company letterhead confirming that your company authorizes Adobe Marketo Engage to secure your requested subdomains. Do I need to provide a TLS/SSL Certificate? No, in fact, to avoid the unnecessary hassle, risk and fire drills caused by expired certificates, Marketo Engage now only accepts customer-provided certificates on an exception-only basis. The certificates included with Secured Domains auto-renew annually without any human interaction on either side.   What Certificate Authority (CA) issues the certificates for the Marketo Engage’s Secured Domains? The certificates are authored by DigiCert.   What type of certificate is provided? We produce a pack of two certificates; The primary certificate uses a P-256 key, is SHA-2/ECDSA signed, and will be presented to browsers that support elliptic curve cryptography (ECC). The secondary or fallback certificate uses an RSA 2048-bit key, is SHA-2/RSA signed, and will be presented to browsers that do not support ECC.   Will my domains be on a shared SSL certificate with other companies? Absolutely NOT! That's like sharing the same car lock with other people - avoid dealing with vendors who offer this service. Each of your domains will get its own certificate, meaning you will not be on a shared certificate with other companies.   Will all the subdomains be covered? Marketo Engage defines a subdomain interchangeably with CNAME for billing purposes. As an example, with your company.com domains, the subdomains go.company.com, info.company.com, help.company.com etc. would could as 3 unique subdomains. Please keep in mind that company.com, company.com.uk, company.com.ca are separate top-level domains.   Can I choose which domains/subdomains to secure? Securing your domains is all-or-nothing, meaning the process automatically secures all domains/subdomains you've set up in your instance. If you do not use or need old domains lingering in your instance, be sure to delete them so you're not charged.   If I have a CAA record, can it affect my certificate issuance? Yes, CAA records MUST be configured to allow DigiCert issuance, or else we will be restricted from issuing one. Please check with your IT team to ensure this is not a blocker. Further information: https://www.digicert.com/dns-caa-rr-check.htm   Can I provide my own SSL certificate to secure my domains? Not unless they are the Extended Validation (EV) certificate type. If not, but your IT team has instructed you they must manage them, please reach out to your CSM with the business use case and any details to request an exception. Please note this only causes additional risk, hassle, time, and effort on all parties.   We require an Extended Validation (EV) certificate. Can the Secured Domains for Landing Pages product accommodate this? Since the certificate provided with Secured Domains is not an Extended Validation (EV) type, Marketo Engage absolutely allows customers who require this (typically healthcare, finance, government) to procure the EV certificate/private key and provide this to Marketo Engage Support; however, please note you will then be 100% liable for managing/renewing/sending Marketo Engage the new certificate with ample time to install it to avoid expiration. Expired certificates will not be categorized as a P1.   What Marketo Engage configuration is required to complete the Secured Domains setup? One or more CNAMEs for the Marketo Landing Pages must be configured in the Admin section of the application as described here: Setup Steps - Marketo Docs - Product Docs   How many domains can I secure? Technically, as many as you like. However, please note there is an additional cost associated with secured multiple domains beyond the first two covered by the base offering.   If I am using Domain Aliases in my Marketo Engage subscription, do I have to secure each of these? Securing your Marketo Engage landing pages requires you to secure all domains used in your instance including your Domain Aliases.   How do I see the Landing Page domains in my instance? Marketo Engage Admins can see your landing pages domain name and all domain aliases by clicking on Landing Pages in the Integration section of the Admin console. On the Landing Pages tab, you will see your full Landing Page Domain Name. On the Rules tab, you will find all Domain Aliases set up for your instance. For the Secured Domains for Landing Pages you will need to count the number of domains used in your instance. When counting domains, please provide the number of unique top-level domains – only the orange part here: www.info.mycompany.com Are Domain Aliases for different countries counted separately? When counting domains, you might have the same CNAME but unique top-level domains: info.mydomain.com, info.mydomain.au, info.mydomain.de. Even though the CNAME is the same, the top-level domains (mydomain.com, mydomain.au and mydomain.de) are unique and thus counted as such (3 total domains). Vice-versa, unique CNAMEs (info., go., pages.) with the same top-level domain (mycompany.com) are considered subdomains of a single top-level domain.    Will URLs to the existing non-secure (HTTP) Marketo Engage Landing Pages continue to work? Your existing HTTP URLs will continue to work and will automatically be redirected to the secure (HTTPS) pages. There are only few situations where you may have to manually update the URL, specifically when you include a Marketo Engage landing page on a secure website using an iframe. In this case, you will need to load the secure version of the landing page, otherwise the end user will get a security warning.   Does securing my Marketo Engage landing pages also secure my corporate website? No. Marketo Engage Secured Domains only affects the landing pages served by Marketo, because the underlying domain is technically a Marketo Engage domain (i.e. your CNAME 'points' to prefix.mktoweb.com). It does not affect any pages on your corporate (non-Marketo) website.   If I don’t use Marketo Engage Landing Pages, do I need Secured Domains for Landing Pages? Most likely, as there are many aspects of Marketo Engage that rely on your domains being secured, such as assets and images. Further, if you are embedding Marketo Forms on secured non-Marketo Engage webpages, the default form code snippet that Marketo provides uses //[munchkinID].mktoweb.com which is a Marketo domain that can be served securely on a HTTPs parent page (the // indicates the request will use whatever protocol the parent uses). With this, your Marketo Engage form will take on the security level of the page it’s embedded on regardless of whether you’re using our Secured Domains for Landing Pages product.    Will the Munchkin JavaScript API also be encrypted via SSL? Calls to the Munchkin JavaScript API automatically switch to SSL if the page on which the calls are made is SSL encrypted.   Can I add additional Domains to my instance and secure these too? Once you’ve secured your landing page domains with the Secured Domains for Landing Pages process, you will need to contact Marketo Engage when adding additional domains/domain aliases. Please contact your Marketo Engage Customer Success Manager. There is an additional a la carte charge depending on the number of domains you are adding.   Do I need to secure my tracking links as well? If your company enforces HSTS (a web directive that denies any redirects from HTTP links), you WILL need to also secure your Tracking Links for your recipients' email->landing page functions correctly. For more information on HSTS and Marketo subdomains, please see the following documentation SSL: The HSTS Policy and Your Marketo Subdomains If not, Marketo still recommends using secured links as a best practice, as it can help with deliverability and avoid spam traps; plus, it looks far more professional to have secured links, and can foster brand confidence when your recipients know their email->web page redirect is fully secure.   For additional questions on anything technical, just ask the Marketo Support team! If it's a pricing or commercial question, please reach out to your Customer Success Manager.
View full article
  Overview SSO Authentication Updating SSO Credentials Tips SSO Only Login Wait to disable the existing certificate Overview Marketo’s Single Sign On (SSO) feature allows your company to use your own company’s SSO service to authenticate your login into your Marketo instance. Your initial setup of the SSO is covered in the documentation here.   You may need to change your SSO authentication settings after the initial setup. This document will show you the process on how to do so.     SSO Authentication The Identity Provider (IdP) you use will provide you with your SSO authentication credentials and security certificate. Marketo uses this information to validate your login from your IdP, so these credentials come from your IdP.     Updating SSO Credentials Once you have retrieved the new security certificate, you can enter it into Marketo.   1. Under Admin click on Single Sign-On. 2. Select Edit in the SAML Settings 3. Enter your Issuer ID, Entity ID, select the User ID Location and click Browse. 4. Select your Identity Provider Certificate file. 5. Click Save. Tips There are a couple things to watch out for when changing your SSO certificate. Here’s a couple tips to avoid trouble along the way.     SSO Only Login If your company uses SSO for login, you’ll have an optional setting to restrict login access to your Marketo instance to SSO logins only. This prevents users from logging in directly, forcing the use of SSO.   You can check for this setting under Admin > Login Settings   These settings do allow the creation of a special User Role that can bypass the SSO restriction. However, sometimes as people come and go within the company, the users enabled with that User Role could no longer be available.   TIP: Before changing your SSO certificate, create a new user utilizing this User Role that bypasses the SSO requirement. If something goes wrong while setting up the new certificate, you’ll be glad you have a back door into the Marketo instance!   Wait to disable the existing certificate Your IdP will issue a new certificate, but what if something goes wrong while entering the new information into Marketo?   TIP: Get the new certificate and set it up in Marketo before you fully disable the existing certificate within your IdP on their side. If something happens to the new certificate, you’ll be glad you have the do-over available and can switch back to the existing certificate that still works!
View full article
Issue How to use the REST API to check for deleted leads. Solution You would need to use the specific endpoint This will pull a list of leads deleted within a specific timeframe.  Deletions older than 14 days may be pruned.      
View full article
Issue Will custom settings, such as Launchpoint integrations, API configurations and SFDC sync settings, remain in place when doing an instance copy, or will they be overwritten?     Environment Non-Microsoft Dynamics integrated Instance Solution All permanent configuration settings which can be done to a Marketo instance are reset to the default values or settings in the destination instance. Everything is copied except for the below list: Lead Database and activity history are not copied CRM configuration is reset on the destination instance. Users are not copied. CRM Field Mappings are removed in the destination instance except for standard mappings, and must be set during the Field Mapping Stage of CRM sync initialization. RCA information is not copied. Program subscriptions are not copied. Campaign History is not Copied. CNAMES for Email links and LPs are not copied. All Account-string based properties are modified accordingly. Munchkin ID of the destination instance is preserved. Sales Insight Admin Configuration is Reset. Outlook licenses are not copied. All pre-existing data on the destination instance will be destroyed. Asset IDs for emails, landing pages, and programs will match Launchpoint and API integrations are not copied   If data may exist on the destination instance prior to the copy process, this may require that you work with your Success Manager to obtain a replacement instance for the copy to be completed. NOTE* This process is not applicable to customers utilizing the native Microsoft Dynamics integration.
View full article
Issue After going through a modification of a text field type from 'Text' to 'String', the field is no longer available as a filter for smartlists. Don't worry, the field is not gone - it is just temporarly unavailable. Solution Changing the field type from one type to another is a database intensive operation and in some cases where the field values are widely populated across your database records, this can cause the filter to be unavailable until the operation is completed in full. The time it takes for the field filter to become available may vary and it can take up to ~30 hours sometimes until the field filter is available again after the type of the field has been changed.  
View full article
System Uptime and Reliability   Month Uptime May 2022 99.953% April 2022 99.946% March 2022 99.933% February 2022 99.576% January 2022 99.700% December 2021 99.965% November 2021 99.970% October 2021 99.988% September 2021 99.929% August 2021 99.996% July 2021 99.999% June 2021 99.866%     Email Deliverability Score     Trusted IPs All IPs Month Cisco SenderBase Good/Neutral/Poor ReturnPath Sender Score 0 to 100 Cisco SenderBase Good/Neutral/Poor ReturnPath Sender Score 0 to 100 May 2022 Good 99 Good 98 April 2022 Good 98 Good 98 March 2022 Good 98 Good 98 February 2022 Good 98 Good 98 January 2022 Good 98 Good 98 December 2021 Good 98 Good 98 November 2021 Good 99 Good 98 October 2021 Good 99 Good 98 September 2021 Good 99 Good 98 August 2021 Good 99 Good 98 July 2021 Good 98 Good 98 June 2021 Good 99 Good 98
View full article
Marketo Support's Mission is:  To provide fast and friendly world-class support through creative, flexible solutions to empower Marketo Automation Software success.   Areas of Responsibility: Technical Support Engineers (TSEs) are your initial point of contact for any technical questions or concerns. TSEs are responsible for troubleshooting issues within your Marketo instance and common include:   My Marketo Marketing Activities Design Studio Lead Database Analytics Revenue Explorer (RCA/RCE) Calendar Deliverability Tools Search Engine Optimization (SEO) Web Personalization (RTP) Admin Community   Our TSEs are not web developers and as a result they are unable to troubleshoot most types of custom coding (ie. HTML, JavaScript, XML, etc.). Our support team is able to help with the following types of non-custom code:    Simple Munchkin Code Asynchronous Munchkin Code Asynchronous jQuery Munchkin Code SOAP API REST API   Our TSEs are here to assist you and our support commitment to our customers is to always work towards providing an above and beyond support experience.   Note: Our team is not against looking at custom code and, based on the subject matter expertise, our TSEs might be able to offer suggestions and recommendations, but we do want to make it clear that they are not responsible for fixing or updating any custom code that has been implemented.   Response Time   Our TSEs are bound to responding to your cases and issues within the Service Level Agreements from your account's level of support services.  We track response milestones to ensure that your cases are being handled in a timely manner as dictated by our agreed to Service Level Targets.
View full article
Applies to: Email Performance Report, Email Link Performance Report, Engagement Stream Performance Report, Landing Page Performance Report, Program Performance Report, Sales Insight Performance Report When you create a report in the Analytics area, by default the report will only show reporting for the current workspace. This is a article attached image Once the report is created, under the Setup tab, you can add filters to filter by asset. For example, Filter Assets in an Email Report. If you filter for the workspace, it will show reporting for all assets in the workspace, similar to the default view without a filter: This is a article attached image To add reporting across all workspaces, use Enable Global Reporting in the report settings within the Setup tab. Note: Global Reporting is only available in your instance's default workspace.
View full article
  Note: This document applies to the Marketo Secured Domains for Tracking Links product only.   Every link you include in your Marketo emails will have tracking code automatically appended when sent. For those in highly regulated industries, your company may require that you securely encrypt the Marketo tracking links. Remember that Marketo takes the URLs you place inside of emails and shortens them using the "Branded Tracking Link" domain (this is another CNAME you set up in Marketo under Admin--> Email). These tracking links are how Marketo enables you to track engagement with your emails.   Setting Up Secured Domains for Tracking Links instructions - Setting Up Secured Domains for Tracking Links   Do I need to secure my Tracking Links? If your company (likely IT) has implemented HSTS, you WILL need to secure your tracking links for your recipients' email->web page redirect to function correctly. Additional information on HSTS, including how to check if it's been implemented on your domain can be found here: SSL: The HSTS Policy and Your Marketo Subdomains.   HSTS is a web server directive companies may choose to enforce which forces all subsequent requests for resources on that domain to be loaded through HTTPS.  This is most common for those in highly regulated industries, such as financial and healthcare institutions. Please note, enforcing HSTS does not also convert Marketo tracking links in emails to HTTPS - that must be done via Marketo Support.   Other Helpful FAQs What is Marketo Secured Domains for Tracking Links? This secures the tracking link domains (which is what makes the URLs appear as HTTPS instead of HTTP) by providing the SSL certificate for each unique domain. Please note tracking links are NOT the same as your SPF/DKIM domain, which is the domain from which your emails are sent., whereas this is the domain located within your emails that tracks click-throughs.   How many domains can I secure with the Secured Domains for Tracking Links? Technically, there is no limit to the number of tracking link domains a customer may have. The base Secured Domains offering included on all subscriptions covers the cost to secure your first tracking link domain; however, if you need more, you may simply add additional domains to your contract a la carte, so you only pay for what you need (in contrast to the previous bundled offering). Contact your Marketo Customer Success Manager for more information.   How is the Secured Domains for Tracking Links product different than the Secured Page Services, SSL for Tracking Links service? Unlike the legacy SSL-only service, Secured Domains not only generates and auto-renews all certificates needed for securing your domains, but provides an exponential layer to what 'secured' entails - it's not just an SSL certificate anymore. For a full explanation of Marketo's Secured Domains offering, and how it differs from just the SSL certificate, please see this Nation Post or check out this Marketo Blog Post about cyber-security and marketing.   What setup/configuration is required before securing my Marketo Tracking Links? You must configure (brand) your CNAMES for Email Tracking links. More information here: Brand Your Tracking Links   Can I secure my tracking links without securing my Marketo landing pages? Technically? Sure. But while secured tracking links have yet to be enforced by email clients, secured landing pages have been enforced by browsers since 2018, which is why we include both in our base bundle. The general public is far more likely to not stick around or enter personal data on an unsecured landing page than they are to not click an unsecured tracking link.   Do I need to provide a TLS/SSL Certificate? No. Secured Domains moves 100% of the SSL ownership to Marketo - all aspects of procuring, managing and renewing certificates is done automatically without human interaction. In fact, we only allow customer-provided certificates on an exception-only basis, OR if you require an Extended Validation (EV) type certificate.   What Certificate Authority issues the certificate(s) for the Marketo’s Secured Domains for Landing Pages product? The certificates are authored by DigiCert.   What type of certificate is provided? We produce a pack of two certificates; The primary certificate uses a P-256 key, is SHA-2/ECDSA signed, and will be presented to browsers that support elliptic curve cryptography (ECC). The secondary or fallback certificate uses an RSA 2048-bit key, is SHA-2/RSA signed, and will be presented to browsers that do not support ECC.   Will my domains be on a shared SSL certificate with other companies? As part of our Secured Domains products, each of your fully qualified domain names will get its own certificate. That means you will not be on a shared certificate with other companies.   Can I provide my own SSL certificate(s) to secure my domains? Not unless it's an Extended Validation (EV) type certificate. Marketo can only automatically renew the certificates we generate to secure your domains.   Are security headers applied to my tracking link domain? Security headers are applied to tracked links in emails that are sent to your leads. The tracking link domain itself (e.g. https://click.example.com) will not return all security headers. The subdomain itself does not host content and is not intended to be browsed. Marketo Support will not respond to security scans performed on the tracking link domain itself.
View full article
The Google Apps antispam system uses a unique means of allowlisting. Customers on shared IPs should allowlist Marketo's entire sending ranges, because we sometimes need to move customers between IPs for technical reasons. The way to allowlist a range in Google Apps is to configure a manual IP block with a pass through.   G Suite enables you to specify an IP address or range of addresses within a domain, and allow messages from those addresses only. This feature is sometimes referred to as IP lock. In G Suite, you set up this feature in the Content compliance setting. IP lock is a method that readily enables an administrator to simultaneously whitelist all incoming traffic from a particular domain while equally preventing spoofing by manually defining the allowed IP ranges. The following instructions are particularly useful with domains that do not have an SPF record and/or use third party applications to legitimately spoof their address. Setting up IP lock with the Content compliance setting includes three separate procedures: Adding the domain, defining the allowed IP range, and setting the correct disposition and NDR.   See this page of Google documentation for more information: Enforce 'IP lock' in G Suite - G Suite Administrator Help Instead of using a CIDR range, this interface asks for the first and last IPs in the given range. Here are ours:   199.15.212.0 - 199.15.212.255 199.15.213.0 - 199.15.213.255 199.15.214.0 - 199.15.214.255 199.15.215.0 - 199.15.215.255 192.28.146.0 - 192.28.146.255 192.28.147.0 - 192.28.147.255 94.236.119.0 - 94.236.119.63 185.28.196.0 - 185.28.196.255 103.237.104.0 - 103.237.104.255 103.237.105.0 - 103.237.105.255 130.248.172.0 -  130.248.172.255 130.248.173.0 -  130.248.173.255   Is this article helpful ? YesNo
View full article
Issue After declaring a champion for your Champion/Challenger test, you notice that the test (ex: "Whole Emails" test) in the Marketing Activities asset tree under your Email Asset is missing.   Root Cause When you declare a champion, you select a Declare Date. Once this date/time is reached, only the new champion will be sent. After the test is over, it is expected behavior that the test (ex: "Whole Emails" test) will no longer be shown in the tree. This is because the test is no longer active. If you would like to retain your test data, it is recommended that you save this outside of Marketo.
View full article
Issue You are seeing a discrepancy in email activities (Sent, Delivered, Open, etc.) when comparing the RCE Email Analysis report and Email Performance Report, when looking at the same email and date range.   Root Cause Here are some of the most common reasons for a discrepancy between the RCE and Email Performance Report (EPR): Deleted/Merged Leads: If you have leads that received emails and then were deleted or merged in Marketo, their individual email activities will be included in EPR. RCE will not count deleted or loser leads from a merge Re-sent Emails: If you re-send the same email to the same lead using the same smart campaign, EPR will only show the 1st send occurrence. RCE will show all email activities for a lead. Delivered & Soft Bounce: There are situations where a lead will log a Delivered activity and then shortly after, a Soft Bounce activity. In these situations, EPR will show this lead as a Soft Bounce count, whereas RCE will show this lead as a Delivered count. If you are still seeing a discrepancy between the reports that cannot be explained with the above, reach out to Marketo Support to help advise.
View full article
To enumerate and request all Design studio files programmatically, Marketo offers a REST API endpoint.   Please refer to our official documentation here: https://developers.marketo.com/rest-api/assets/files/#browse
View full article
On September 30th, 2021 we sunset our Sales Navigator integration with Adobe Marketo Engage Sales Connect. When we first built this integration, we aimed to deliver key insights to sellers that allowed them to identify the right customers to engage with. This continues to be our goal as we invest in Marketo Engage Sales Connect and deliver future innovations to drive value to both our marketing and sales users. The sunset is in part due to the planned deprecation of LinkedIn’s Company and Profile API’s which we currently use to support the integration. LinkedIn has decided to no longer support these API’s and has not provided any replacement. There will be no action required on your part and you can expect to see the tab removed in September 2021. Kind regards,   Adobe 
View full article
Issue How to subscribe to Marketo service interruption and outage notices.     Solution Issue Resolution Visit status.marketo.com and click the "Subscribe to Outages" button in the top right corner. You will then be able to choose your method of subscription.  
View full article
Issue An email was expected to sent out on a specific cast of Nurture Program but a specific lead or couple of records did not receive it.   Environment Marketo>Engagement Program Solution There are a number of steps to begin troubleshooting this query and here is a flowchart how to proceed. 1). Check if engagement program is turned on from its setup up. Also check if at the time of email cast, the program status was on (this can be checked from Admin>Audit Trial) 2). Check if the email asset which was expected to send was present in the Nurture Stream at the time of cast. Also check if that email asset was activated (having green arrow). Both of these can be checked from Audit trail where you will find the log of "Add Email" and "Activate Email" along with its date/time. 3). Check if the lead is present in that specific stream using the smart list filter "Member of Engagement Program > Stream = <required stream>" 4). In the same smart list, use filter of "Engagement Program Cadence Changed" and set "New Value = Paused" and see if that lead qualifies it or not. A paused cadence would mean the lead has been temporarily restricted to move in the flow of nurture stream and hence will not received any email content. 5). Most important step- Go to the activity log of lead and search for the engagement program's name in the quick find bar. Look for all logs along with their dates when the lead performed any activity related to that engagement program like added to program, changed cadence, removed from program, etc. 6). In continuation of step 5, check in the activity log if the lead was added to engagement program in less than 25 hours before the next cast by looking at the time of log "Added to Engagement Program". This is because as per the doc, the lead must be added atleast 25 hours before the cast to abide by the recipient  time zones otherwise it will skip that current cast and will qualify for the next cast. Schedule Engagement Programs with Recipient Time Zone | Adobe Marketo 7). In continuation to step 5, check if the lead was moved to a different stream via getting qualified into transition rules. Transition rules are present in stream of those engagement programs that have more than one stream and are used to move leads from one stream to another. Transition People Between Engagement Streams | Adobe Marketo 8). Check if the lead is unsubscribed, email invalid, email suspended (this one is only valid for 24 hours), marketing suspended or block listed because any of these 5 conditions would block the lead from receiving any communication from any of the Marketo's program or campaign. 9). Check if the record has hit the communication limit. Go to Admin>Communication limit and see what we currently have setup. If limit is 2 emails per day, then create smart list "Was sent email>Email Is ANY> Minimum Number of times 2" and see if lead qualifies in it. Alternatively you can go into lead's activity log and manually count number of "Send Email" logs in last 24 hours and in last 7 days and match it with the communication limit of Admin tab. Using programs as stream content: We can also use programs (default and event) in nurture stream instead of direct email assets. 10). In case of using a program, the email can be sent out to the required audience only if that program have a smart campaign with filter "Member of Engagement Program>Name of Program" and flowstep of "Send Email". So make sure the smart campaign has these configurations. (Make sure the campaign has to be a batch campaign and not trigger) 11). If above pointer is true still record is not present in the result tab of the campaign, then check all steps from step 1- step 9. If nothing is found then check if smart list has more than just "Member of Engagement Program" filter and if the lead is failing to qualify any of the other filter. 12). Check in the schedule tab if qualification rules says "Each Lead can qualify only once". If yes then go to campaign member tab and search if lead is already a member, if yes then lead will not qualify again and this is why email was not sent. 13). Check if flowstep has a wait step and the lead is stuck there because wait step does not create any log in the results tab. People in waitstep can be checked from dashboard of the smart campaign. 14). For any other possible reason why the lead did not qualify the smart campaign, you can look for the knowledge base "Lead not qualifying smart campaign- Universal Checklist" under heading of Batch Campaign: marketo.my.salesforce.com/articles/en_US/Article/Lead-not-qualiying-smart-campaign-Universal-Checklist?popup=true 15). If all above pointers have been checked still unable to figure out why the email was not sent on a specific cast, escalate the case to Tier 2.
View full article
It's one of the most common calls we get in Support - "This lead should have qualified for this campaign, but it didn't. Why?"  Here's how we go about answering this question, and you can do it too.   Did the lead actually qualify? Sometimes the leads do qualify for the campaign but don't go through the flow.  One quick way to check this is to look at the campaign membership.  If the lead qualified, it will become a member of the Smart Campaign, even if it doesn't go through the flow. Has the lead gone through the flow before?  We can check this in the campaign results. If it has, we need to see if the campaign allows the leads to go through the flow more than once. If the campaign is set up to allow leads to run through the flow multiple times, then we need to proceed with troubleshooting. But if it is not, we have our answer - the lead didn't go through the campaign because it had done so previously and couldn't go through again.   Did the trigger have constraints? If it didn't, we move along, but if it did, we need to check and see if the lead met the requirements of the constraints at the time the lead hit the trigger. This is very important.  If, for instance, there was a constraint that required a value in a field, and that field was not populated before the trigger went off, then the lead wouldn't qualify.  The timestamps in the activity log for the trigger activity and the value change might be the same, but if the value change for the field happened even a fraction of a second after the trigger event, it's still too late. The lead will not qualify.  Looking at the lead now, it looks like it qualifies, but at the moment the campaign was triggered, the lead had different information, so check to see when the required values were written to the lead.   Did the Smart List have filters in addition to the trigger? Just like the constraints, we need to confirm the lead satisfied the filter requirements before the trigger fired.  This can get complicated if one of your filter requirements is "Member of Smart List" because you are going to have to go into the referenced Smart List and confirm the lead met all those requirements, and if that Smart List also contains a "Member of Smart List" filter, then will have to check that one as well and, well, you will see why we in Support recommend against nesting Smart Lists.   Has the campaign been changed since the lead hit the trigger? We tend to assume that the campaign we are looking at today is the same as it was when the lead hit the trigger, but this is often not the case.  Check through the Audit Trail to see if there have been any changes.  Maybe a constraint was added, removed, or changed.  Maybe the filter logic was changed from AND to OR.  Maybe it used to only let leads go through the flow once.  If the campaign was changed, you will need to go through the troubleshooting steps above all over again, checking against what the campaign used to have, rather than what it has now.  If you have nested Smart Lists, it may be that the campaign didn't change at all, but a filter criteria in a the secondary Smart List did.  This is another reason why nested Smart Lists should be avoided if possible.   If you go through these steps and still can't figure it out, open a case in Support and include the results of the troubleshooting above so we can look into it further.
View full article
Issue How to test Facebook lead generation form functionality without viewing the advertisement on Facebook Solution Use the lead ads testing tool by clicking on the link - https://developers.facebook.com/tools/lead-ads-testing   to create a test lead. You should use this tool with a valid Facebook Ad Account. Login to Facebook with the same account you used to set up the integration with Marketo. Select the Page and Form you want to create a test lead from. Ensure the Marketo app (APP ID 1480829408843427) is diplayed on "WEBHOOK SUBSCRIPTION FOR THE SELECTED PAGE" section. Click on the "Create Lead" button. In the "WEBHOOK SUBSCRIPTION FOR THE SELECTED PAGE" Click on "Track Status" button which updates real time until you get a response from Marketo. If you do not have the "WEBHOOK SUBSCRIPTION FOR THE SELECTED PAGE" in Facebook, c omplete the following: Go into the Facebook Lead Ad Launchpoint service in Marketo and unselect all the pages. Finish the setup and save. Do not delete the Launchpoint service but de-select the pages Go back into the Facebook Lead Ad Launchpoint service and re-select the list of pages. Finish the setup and save. This will kick in the code that registers the webhooks on the pages again. It is important to go through step 1 first or the code will not re-register the page. Try creating a lead using the lead ad testing tool. In Marketo, the email address "test@fb.com" should be created.    
View full article
In your email link performance reports, you may see a "malformed link."     This occurs when invalid or empty URLs are present in an email asset.   These links are transformed into a branded tracking link and if clicked will appear on this report.    In the email editor, check for empty links or tokens that do not populate a full link. 
View full article
In your email link performance reports, you may see a "malformed link."     This occurs when invalid or empty URLs are present in an email asset.   These links are transformed into a branded tracking link and if clicked will appear on this report.    In the email editor, check for empty links or tokens that do not populate a full link. 
View full article