Identity in Data Collection
Adobe Data Collection uses identity signals to recognize returning visitors and carry context across experiences. When a visitor reaches your site, the Edge Network generates an Experience Cloud ID (ECID) and persists it in a first-party cookie. That ECID is the primary device identifier used across Adobe Experience Cloud applications and is the foundation that analytics, personalization, and audience activation build on. In your implementation, you can access the visitor’s ECID on the client side through the getIdentity command. At the datastream level, you can use Data Prep for Data Collection to map the ECID into a custom XDM field before it reaches downstream services.
The ECID identifies a device, not a person. To tie activity to a known person, you can send additional identifiers, such as a CRM ID or hashed email, alongside the ECID using the XDM identityMap. Adobe recommends setting a person-level namespace as the primary identity whenever one is available.
Beyond the default ECID, Data Collection supports additional identity signals depending on your implementation:
- First-party device IDs (FPIDs): Device identifiers that you generate and manage on infrastructure you control. The Edge Network uses an FPID to seed the ECID, giving you stronger cookie persistence on owned properties when browser restrictions shorten the life of Adobe-managed cookies.
- CORE IDs: A separate, demdex-based identifier that participates in third-party identity workflows when third-party cookies are available. The CORE ID is distinct from the ECID and can be retrieved through
getIdentity. For details on how first-party and third-party identity contexts work together, see Unified identity support.
If you are upgrading from the Visitor API or reconciling older identity behavior, see idMigrationEnabled to migrate existing AMCV cookies.
First-party and third-party collection first-party-and-third-party-collection
The Web SDK always sets identity cookies (such as kndctr_ cookies) as first-party cookies on your domain, regardless of which endpoint receives the data collection request. The collection endpoint (the domain that your implementation sends data to) is a separate choice that affects how browsers and network policies treat the request itself.
First-party collection routes data collection requests through a domain that your organization controls (for example, data.example.com), using a CNAME that points to Adobe’s Edge Network. Because the request stays on your domain, it is less likely to be blocked by ad blockers or browser network restrictions. First-party collection is also a prerequisite for setting first-party device IDs from your own server infrastructure, which is the most durable identity strategy available. Adobe recommends using the Adobe-managed certificate program to configure first-party collection for your implementation.
Third-party collection sends requests directly to an Adobe-owned edgeDomain (such as example.data.adobedc.net). While identity cookies are still set as first-party on your domain, the request itself goes to a third-party domain, which some browsers and ad blockers can restrict.
Choose the right identity pattern choose-your-path
- Strengthen identity persistence on owned properties: Use first-party device IDs when browser restrictions shorten cookie life and you need stronger continuity for analytics and personalization on sites you control.
- Hand off identity from an app to mobile web: Use mobile-to-web identity sharing when the visitor starts in your mobile app and continues in a WebView or mobile web page.
- Keep identity continuous across your domains: Use cross-domain sharing when visitors move between web properties that your organization owns and you want consistent reporting and personalization.
- Combine first-party persistence with third-party activation: Use Unified identity support when you need durable first-party identification alongside supported third-party activation flows.
- Send person-level identifiers: Use
identityMapto send CRM IDs, hashed emails, and other person-level identifiers alongside the ECID so that downstream services can stitch activity to a known person. - Understand how consent affects identity: Read Consent and identity to learn how
defaultConsentandsetConsentcontrol when the Web SDK generates an ECID, sets cookies, and sends data.
For help diagnosing identity issues such as visitor inflation, ECID inconsistencies, or FPID problems, see Troubleshooting identity.