Google Tag Manager First-Party Mode Guide

We will get into the First-Party Mode for hosting tags.

While the concept and official documentation are more focused on the technical aspects of web development, this guide will simplify it for everyone, with visual examples and clear explanations of key terms.

🚨 Note: Check out the Terminology section for key First-Party context lingo. If you’re already familiar with them, please skip to the sections that interest you.

We’ll cover: 

• What Is First-Party Mode?
• Understanding the Process
• How to Set up First-Party Mode for Hosting Tags
• First-Party Mode vs Server-Side Tagging

Let’s dive in!

What Is First-Party Mode?

First-party mode allows you to use Google’s tracking tools through your own website’s system instead of directly relying on Google’s servers.

The definition in the documentation says:

First-party mode lets you deploy a Google tag using your first-party infrastructure, hosted on your website’s domain (e.g., example.com). This infrastructure sits between your website and Google’s services, making your first-party infrastructure the only technology to interact directly with your website users.

To clarify, having this setup means that all your interactions with your website users are managed by your infrastructure before any data reaches Google.

What exactly do we mean by your infrastructure? 

Your infrastructure, also known as first-party infrastructure, includes the servers and systems that belong to and are controlled by your website or company.

This technology, such as your website’s server, content delivery network (CDN), or load balancer, helps manage your website and user data without relying on outside services.

The goal is to improve data security and privacy. For example, the first-party mode allows you to hide a user’s IP address (IP obfuscation) while still letting you measure web activities.

Understanding the Process

Comparing standard Google Tag setups and First-party Mode (FPM) setups helps clarify how data is handled and why FPM offers more control and privacy.

Standard Google Tag Setup

In a traditional Google tag setup, your web page asks (HTTP request) for a Google tag from a Google domain like www.googletagmanager.com.

This request is to fetch an external JavaScript file. The server returns the JavaScript code (the tag) to the web page. This code is then executed by the browser.

If you have a Google tag installed (GTM, Google ads, etc.) on your website, you can see this request by following these steps in your Chrome developer tools:

1. Right-click anywhere on your screen
2. Select Inspect
3. Click the Network tab and refresh the page
4. In the Filter, type js?id=
5. In the Name column, click any resource

In the Headers section, you’ll see the Request URL.

Once the files are loaded on your webpage, the Google tag (like GA4) fires, typically after an event occurs (such as a page load or user interaction). When this happens, it sends measurement requests to Google’s collection servers.

When the tag runs, it sends tracking data straight to the Google service.

This is key to understanding how First-Party Mode works.

You can see how data is sent to Google Analytics servers with these steps:

1. Right-click anywhere on your screen
2. Select Inspect
3. Click the Network tab and refresh the page
4. In the Filter, type collect?
5. In the Name column, click a resource containing your GA Measurement ID. For ex:
   collect?v=2&tid=G-FVDBDW3R80&

In the Headers section, you’ll see the Request URL.

First-Party Mode Setup

When someone visits your site, the request is first made to your website, specifically to the path you’ve reserved, for example, yourwebsite.com/metrics.

Therefore, in First-Party Mode, the Google tag is not directly loaded from a Google domain like googletagmanager.com 

Instead, it’s served from your domain yourwebsite.com, which gives the appearance that everything is coming from your site, adding more privacy and control.

However, your server or CDN is forwarding (routing) that request to Google’s servers to fetch the actual Google tag.

On your website, when the Google tag fires (think of a page view, button clicks,  etc.), the tag will send the collected data to your first-party domain (again a CDN or Load Balancer), and then from there, they are forwarded to a Google product like GA4.

Everything is handled on your domain before the data is forwarded to Google services like GA4.

Read on, if you want to understand clearly how this happens behind the scenes.

How to Set up First-Party Mode for Hosting Tags

The steps to set up First-Party Mode for hosting tags consist of:

1. Choose a Tag Serving Path
2. Set Up Routing with a load balancer, a CDN, or a web server
3. Replace Google Tag Scripts
4. Replace Google Tag Scripts
5. Test the Setup

Google has a straightforward guide on how to set up First-Party Mode.

Here, we’ll break down the steps from the guide using Cloudflare.

🚨 Note: You need an existing Content Delivery Network (CDN), load balancer, or a web server, to enable first-party mode. If needed, see the Terminology section to help you.

How It Works

1. Choose a Tag Serving Path

You need to pick a specific URL path on your website (e.g., yourwebsite.com/metrics) that will load the Google tag. This path should be unused to avoid conflicts with other parts of your site.

2. Set Up Routing with a CNAME

Once the path is chosen, you set up a CNAME entry, like fps.yourwebsite.com in your CDN. This CNAME entry tells your website to internally route the request made to yourwebsite.com/metrics to a Google server (e.g., G-12345.fps.goog).

At the same time, you create rules (Origin Rules) to ensure that when a request comes in at yourwebsite.com/metrics, it is forwarded (routed) to Google behind the scenes.

3. Replace Google Tag Scripts

In a standard setup, the Google tag is loaded from googletagmanager.com. 

But in First-Party Mode, you update the scripts on your website so that the Google tag is now loaded from the path you set up (e.g., yourwebsite.com/metrics).

4. Test the Setup

Finally, you can test the setup by navigating your site and verifying in the Tag Assistant that the data requests are being sent to yourwebsite.com/metrics.

First-Party Mode vs Server-Side Tagging

At first, it may appear that First-Party Mode and Server-side tagging are the same. They’re similar because both can be set up on your servers (first-party).

However, they do differ when it comes to setup, processing data, and resources (cost and technology).

Domain Differences

First-party mode and server-side tagging differ in how they handle domains. In server-side Google Tag Manager, you can often use subdomains (e.g., data.yourwebsite.com).

However, First-Party Mode requires everything to be on the same domain using a subfolder path (e.g., yourwebsite.com/metrics).

A subdomain setup will not work in First-Party Mode.

CDNs vs. Data Pipelines

However, the main difference is that First-Party Mode uses your content delivery network (CDN) to forward data requests, while server-side tagging is more focused on managing the entire process of collecting, processing, and sending data (data flow or pipeline). 

In short, a CDN is mainly used to quickly deliver website content or scripts) to users by using nearby servers, making websites load faster, while a data pipeline is about handling and managing the data collected from the website before sending it out.

In a data pipeline, data moves from your website, gets processed on your server, and is then sent to other systems like Google Analytics. This gives you more control over the data before it’s shared with third-party services.

First-Party Mode only works if your website and the tracking setup are on the same domain, like example.com.

If you try to use a subdomain like track.example.com, it won’t work because it’s treated as a separate site. Everything has to be on the same main domain for it to function properly.

Save Resources with First-Party Mode

The big benefit of First-Party Mode is that you can use your tools, like a content delivery network (CDN) or load balancer, instead of relying on more expensive options like server-side tagging (SGTM).

This can make things more efficient and potentially save money, as you’re using your infrastructure to load important files like Google tracking tags.

Advanced Setup and Potential Costs

However, setting up First-Party Mode for hosting tags requires advanced technology, like Cloudflare Enterprise or other similar tools, which can be expensive. 

Not all websites have access to services that let them create custom routing or manage the setup easily. Because of this, First-Party Mode can be too costly or complicated for most websites. 

Google offers it as an option, but for many sites, the effort and price might not be worth the small benefits received.

The key takeaway is that both incur costs. 

Summary

We’ve covered what First-Party Mode is and how you can use your website’s infrastructure to be the first point of contact between your users and the data collection process, giving you more control before forwarding the data to services like Google.

We’ve seen how it differs from Server-side tagging. 

As mentioned above, First-Party Mode requires special technology to set up, like expensive services such as Cloudflare Enterprise, or having your own load balancer or content delivery network (CDN). 

Because these tools are readily available for everyone and are complex to use or costly, most regular websites won’t be able to use First-Party Mode easily.

This is the reason why server-side tagging, at the moment, remains a recommended choice by analytics professionals.

If you are interested in learning more about serving data in the first-party context, such as serving Google scripts from your servers, you can check this guide (video included) on How to Set Up Google Tag Manager Server-Side Tagging.

What are your thoughts on First-Party Mode and do you prefer sticking to server-side tagging? Let us know in the comments below.

Terminology

Load Balancer

A tool that distributes website traffic across multiple servers to prevent overload and ensure faster performance.

CDN (Content Delivery Network)

A network of servers that deliver website content (like images or scripts) faster by using servers closest to the user.

CNAME (Canonical Name)

A type of DNS record that redirects one domain or subdomain (like fps.yourwebsite.com) to another, often used for routing requests in First-Party Mode.

First-Party Infrastructure

First-party infrastructure is the systems and technologies that a company directly owns and controls to collect, manage, and use customer data.

In our context, it’s also the technology owned and controlled by your website (like your server or CDN) that handles data before it’s sent to third parties like Google. This includes servers, content delivery networks (CDNs), or other technologies.

First-Party Mode

First-party mode lets you use your own website’s systems to load the Google tag from your domain (e.g., yourwebsite.com) instead of directly from Google’s servers.

Your infrastructure handles all interactions with website users and then forwards the data to Google, giving you more control over how the data is processed.

Origin Rule

A rule set in your CDN or server that determines where incoming requests (such as those for data or files) should be sent. For example, it forwards requests made to your site to a Google server.

Requests

When someone visits a website, their browser can send and request information from the server, such as loading the page, images, or scripts.

For example, with GA4 installed, when you click a link or submit a form, the browser sends that data to a server, such as Google Analytics or the website’s server.

Routing

The process of forwarding data or requests from one place to another. For example, in First-Party Mode, the request to load the Google tag is routed from your website’s domain to Google’s servers behind the scenes.