Adapex offers our clients a CMP debugging console that works with our custom header bidder wrapper.
CMP and wrapper interaction explained
The wrapper interaction with a CMP is very similar to the interaction GAM has with a CMP. Before each auction initiates (not when the wrapper is loaded or at different points), the wrapper will look for the CMP (both TCF 2.0 and US Privacy). If one or both are detected, it will enable the prebid consent module, which means it will wait for the CMP to retrieve consent before proceeding with the auction.
As a side note: If you run a CMP on countries/regions that do not require a CMP, the wrapper will still wait for the CMP to instruct it that it doesn’t require any consent.
If there is no CMP detected, the auction will run normally.
Important things:
- The CMP must be IAB compliant and TCF 2.0 (1.0 and 1.1 is no longer supported and was never supported by GAM)
- The CMP must be loaded before the wrapper’s auction initiates (later exemplified)
- Currently there’s no individual purpose enforcement, consent for any purpose will start the auction
How the CMP console works
To enable the console, put this at the end of the URL: ?magma=true, and the console will pop up in the top-left corner.
There are 2 modalities for consent frameworks:
- US Privacy (the one for California)
- TCF 2.0 (for GDPR)
The console will run two types of checks: first it detects if the above CMPs exist, then it checks if the CMPs work correctly.
IAB US Privacy CMP
Does it exist on site?
If this CMP exists on site, we see this message: “Prebid detected an IAB US Privacy CMP”.
If it is not implemented, we see: “Prebid DID NOT detect an IAB US Privacy CMP”. We can also see this message when the CMP is implemented, but it is slow and has not yet loaded at the time of the check. This is not optimal, we should make the CMP load before the wrapper if you always want to be compliant.
Does it work correctly?
If it has consent, we see this message: “Interaction with IAB US Privacy CMP successful”. There might be an additional information such as: “IAB US Privacy CMP does not apply for this region”.
If it doesn’t have consent, it means that it either doesn’t have it yet (e.g. the privacy pop up is still open), or the user is not from California (according to the CMP provider). The message is “interaction with IAB US Privacy CMP failed”. To test this we need to use a California VPN (incognito).
TCF 2.0
Does it exist on site?
If this CMP exists on site, we see this message: “Prebid detected an IAB TCF 2.0 CMP”.
If it is not implemented, we see: “Prebid DID NOT detect an IAB TCF 2.0 CMP”. We can also see this message when the CMP is implemented, but it is slow and has not yet loaded at the time of the check. Another case is when a site uses TCF 1.0 version, which is not supported anymore.
Does it work correctly?
If it has consent, we see this message: “Interaction with IAB TCF 2.0 CMP successful”. There might be an additional information such as: “CPM API Response: GDPR Applied: true Status: cmpusshown” and “Status: useractioncomplete”.
Some live examples:
- Page with CMP: http://cdn.adapex.io/test/consentModule.withCMP.html?cmpDebug=true
- Page without CMP: http://cdn.adapex.io/test/consentModule.withoutCMP.html?cmpDebug=true
- Page with CMP (no US Privacy) but throttle the loading by 3 seconds to emulate a slow loading CMP: http://cdn.adapex.io/test/consentModule.withCMP.wrong.html?cmpDebug=true
On all examples the ad refreshes every 30s.
In the 3rd example you can see that the first time the CMP is not detected (since the CMP is loaded after 3 seconds), so the auction goes normally. The second auction the CMP was loaded and the wrapper detects it:
Reporting on CMP
We have set some key values for reporting. If you wish to dig deeper, please request a CMP report from your account manager.