Hi Pierce Ujjainwalla. I embed Marketo forms in WordPress pages using Sanford Whiteman's code, referenced above, and it gives me the ability to fully utilize tokens, form pre-fill, and progressive profiling. I'm not using Marketo dynamic content at this point, so I'm not sure of capabilities there, and - I'll be honest - I do most of my reporting using other methods depending on what I'm after.
Program tokens in your form or on your WP landing page?
Tokens in the campaign. For instance, if I have a smart campaign set up to send a link to an offer, I've set that up as a token. I'm not sure I've added program tokens to a form. I have not tried referencing tokens in a WordPress landing page, either. I'm curious - what is your most practical use case for those?
Tokens in the campaign are fine, I am referring to program tokens on the page itself.
So, for example if you are running a multi-city roadshow, you could have a token for {{my.Roadshow City}} which could be changed at the program level and flow to all emails and landing pages that reference that. Pages hosted outside of Marketo cannot use those.
I looked at the blog post you referenced, and that is cool. You can also pre-fill using Marketo's native API: http://developers.marketo.com/blog/external-page-prefill/
But, both of those approaches require some coding which limits many people on this community.
So, for example if you are running a multi-city roadshow, you could have a token for {{my.Roadshow City}} which could be changed at the program level and flow to all emails and landing pages that reference that. Pages hosted outside of Marketo cannot use those.
Actually, the cross-domain Pre-Fill solution John highlights can inject Program-level {{my.tokens}} into a non-Marketo LP, although it's a niche case and not really what it's made for.
I looked at the blog post you referenced, and that is cool. You can also pre-fill using Marketo's native API
Please never attempt to use the REST API for this. It's a living, (barely) breathing example of a DoS vulnerability and should never be used in a professional environment.
But, both of those approaches require some coding which limits many people on this community.
Complete, working code is in my blog post. It takes no new coding at all and is a drop-in solution for people that are merely experienced Marketo (UI) users.
What am I missing here? Using the API, your service could be brought down by exceeding your daily limits as well, but this is avoidable with proper monitoring and paying for more API requests if needed.
I see this as a scaling concern, not a DoS vulnerability.