Skip to main content

How to Deploy Knock2 Behind Your Consent Management Platform

Written by Knocky
Updated over 2 weeks ago

If your website uses a consent management platform (CMP) like OneTrust, Cookiebot, or Osano, you can configure Knock2 to load only after a visitor has given consent. This guide walks you through how to set it up.

Why Deploy Behind a CMP?

Privacy regulations like GDPR, CCPA, and California's Invasion of Privacy Act (CIPA) may require websites to obtain visitor consent before loading tracking technologies. By deploying Knock2 behind your CMP, you ensure the Knock2 script only fires after a visitor has opted in.

Important: Knock2 does not provide a consent banner or consent management tool. Your business is responsible for implementing an appropriate consent mechanism and determining what level of consent is required under applicable laws. This guide covers how to make Knock2 work with the CMP you already have in place.

What Knock2 Collects

Before configuring consent, it helps to understand what the Knock2 script collects so you can categorize it correctly in your CMP.

Data

Details

IP address

Captured server-side for company identification

Page URLs visited

Current page path and navigation history within the session

User agent

Browser and device information

Referrer

The page or source that referred the visitor

UTM parameters

Campaign attribution data from the URL (utm_source, utm_medium, etc.)

Persistent cookie

A unique session identifier stored as a first-party cookie

Knock2 does not capture keystrokes, search terms, form field content, or session recordings. All data is sent to Knock2's servers and is not forwarded to third-party advertising or analytics platforms.

In most CMPs, Knock2 should be categorized under "Analytics" or "Performance" cookies.

Option 1: Deploy via Google Tag Manager (Recommended)

If you use Google Tag Manager, this is the simplest approach. You'll create a trigger that fires only after consent is granted, then attach it to the Knock2 tag.

Step 1: Set Up the Knock2 Tag

In GTM, create a new Custom HTML tag and paste your Knock2 embed script:

<script async src="https://knock2-backend-2ba4792164c3.herokuapp.com/install/YOUR_KNOCK2_ID"></script>

Replace YOUR_KNOCK2_ID with your Knock2 ID (found in your dashboard). This is typically your domain with underscores, for example companyname_com.

Step 2: Create a Consent-Based Trigger

The trigger setup depends on which CMP you use.

OneTrust

OneTrust pushes consent events to the GTM data layer. Create a Custom Event trigger with the following settings:

  1. Go to Triggers > New > Custom Event

  2. Event name: Enter OneTrustGroupsUpdated

  3. Add a condition: Create a Data Layer Variable called OnetrustActiveGroups. In your trigger, add the condition: OnetrustActiveGroups contains C0002 (C0002 is OneTrust's default category for Performance/Analytics cookies. Confirm the correct group ID in your OneTrust dashboard.)

  4. Save the trigger and attach it to your Knock2 tag

Cookiebot

Cookiebot fires a cookie_consent_update event to the data layer when consent changes.

  1. Go to Triggers > New > Custom Event

  2. Event name: Enter cookie_consent_update

  3. Add a condition: Create a 1st Party Cookie variable for CookieConsent. Add the condition: CookieConsent contains statistics:true

  4. Save the trigger and attach it to your Knock2 tag

Osano

Osano uses a consent manager that can push events to the data layer.

  1. In Osano's dashboard, enable the GTM integration and map the "Analytics" category

  2. In GTM, go to Triggers > New > Custom Event

  3. Event name: Enter osano-consent-changed

  4. Add a condition to check that the analytics consent category has been accepted

  5. Save the trigger and attach it to your Knock2 tag

Other CMP

Most CMPs follow a similar pattern. Check your CMP's documentation for:

  1. The data layer event name that fires when consent is updated (often something like consent_update or consent_given)

  2. The variable or cookie that stores the user's consent preferences

  3. Create a Custom Event trigger in GTM using that event name, with a condition that checks for analytics/performance consent

  4. Attach the trigger to your Knock2 Custom HTML tag

If your CMP isn't listed and you need help, reach out to support@knock2.ai and we'll help you set it up.

Step 3: Remove Any Existing Hard-Coded Script

If you previously added the Knock2 script directly to your website's HTML (outside of GTM), make sure to remove it. Otherwise the script will load twice: once without consent (from the hard-coded version) and once with consent (from GTM).

โš ๏ธ Having both a hard-coded script and a GTM tag will bypass your consent flow entirely. Make sure the Knock2 script only loads through GTM.

Option 2: Conditional Script Loading (Without GTM)

If you don't use Google Tag Manager, you can load the Knock2 script conditionally using JavaScript. Listen for your CMP's consent event, then inject the script only after consent is given.

function loadKnock2() {   var script = document.createElement('script');   script.async = true;   script.src = 'https://knock2-backend-2ba4792164c3.herokuapp.com/install/YOUR_KNOCK2_ID';   document.head.appendChild(script); }  // Example: Listen for your CMP's consent event // Replace this with the appropriate listener for your CMP window.addEventListener('consent_granted', function(e) {   if (e.detail && e.detail.analytics === true) {     loadKnock2();   } });

Replace YOUR_KNOCK2_ID with your Knock2 ID (e.g. companyname_com). Adapt the event listener to match your CMP's API. Refer to your CMP's documentation for the correct event name and consent check.

Update Your Privacy Policy

If you haven't already, add Knock2 to your website's privacy policy and cookie disclosure. Here's example language you can adapt:

"We use Knock2, a website visitor identification service, to identify businesses visiting our website. Knock2 collects IP addresses, page URLs, browser information, referral sources, and campaign parameters. This data is used to identify potential business prospects and improve our sales outreach. For more information, visit knock2.ai/privacy-policy."

FAQ

Will this reduce the number of visitors Knock2 identifies?

Yes. Visitors who decline consent or don't interact with the banner will not be tracked. The tradeoff is stronger compliance. Many businesses find that the majority of visitors accept analytics cookies, so the impact is often moderate.

What if I don't have a CMP yet?

If you need to implement a consent management platform, popular options include OneTrust, Cookiebot, and Osano. These platforms handle the consent banner, preference storage, and integration with tools like GTM. We recommend evaluating which one fits your needs and budget before deploying any tracking tools behind consent.

Does Knock2 support Google Consent Mode v2?

Knock2 can be loaded conditionally based on Google Consent Mode signals through GTM. If you're using Consent Mode v2, configure your Knock2 tag to require analytics_storage: granted before firing.

Need help? If you have questions about deploying Knock2 behind your consent management platform, reach out to support@knock2.ai and our team will help you get set up.

Did this answer your question?