3 Replies Latest reply on Oct 12, 2018 12:06 AM by Sanford Whiteman

    Marketo cookie updation

    Maya Paul

      Hi,

      In our website, we are submitting form fill events and requests by server to server calls(consuming the rest apis of marketo). But the munchkin tracking cookie _mkto_trk does not get updated as its server to server. Is there a work around to update the marketo tracking cookie in this case.

       

      Thanks

      Maya

        • Re: Marketo cookie updation
          Sanford Whiteman

          In our website, we are submitting form fill events and requests by server to server calls(consuming the rest apis of marketo). But the munchkin tracking cookie _mkto_trk does not get updated as its server to server. Is there a work around to update the marketo tracking cookie in this case

          First, of all, why are you using the API here? It's not recommended, and you've most likely introduced a DoS attack vector (which you're about to make worse with the suggestion below). You should strive to use the Marketo Forms API from the client side, not the REST API.

           

          In any case, the REST Associate Lead endpoint can you do what you want. But again I would rethink your architecture.

            • Re: Marketo cookie updation
              Maya Paul

              In our website we had a requirement to carry out server side validations for the values submitted in the form. To achieve this we have changes our architecture to make server to server calls. In this scenario is there a work around for the cookie updations. Can we utilize the associateLead method of the munchkin.

                • Re: Marketo cookie updation
                  Sanford Whiteman

                  You can't use the Munchkin API associateLead if you're posting the form in the background, since you will create duplicates.

                   

                  You can use the REST API Associate Lead, as I mentioned above. Of course it will take up an additional API call per form post.

                   

                  In our website we had a requirement to carry out server side validations for the values submitted in the form.

                  The fallacy of this approach is that you aren't really stopping people from posting forms directly to Marketo and getting around your validation. You've just introduced a lower-capacity means of getting data into Marketo that a hacker can overwhelm much more easily than they could the forms endpoint. Rather than bottlenecking via the REST API, you can create signed form payloads instead and validate them via webhook.