Product tour

Every step between the ad click and the conversion signal, handled

RoasProof is a pipeline: capture the click first-party, resolve it to a user and an order, deliver the enriched event server-side, and prove it arrived. This page walks through each stage in the order your data moves through it.

RoasProof is a server-side conversion tracking platform. It captures ad-click data (fbclid, gclid, ttclid) first-party on your domain, matches clicks to signups and orders, and sends complete conversion events to Meta, Google and TikTok from the server, deduplicated against your existing pixel via a shared event_id.

Event delivery rate: pixel only vs. with server-side

The browser decides whether a pixel event ever leaves the device. Server-side delivery takes the browser out of the equation. Here is what that difference looks like across three traffic segments.

event delivery rate (illustrative scenario)
0%25%50%75%100%share of conversion events delivered to the ad platformChrome / desktopPixel only90%With server-side99%iOS / SafariPixel only70%With server-side98%Ad-block usersPixel only15%With server-side97%

Illustrative scenario, not measured data. It applies the same stated assumptions as our signal-loss calculator: client-side pixels miss 20-40% of iOS/Safari conversions and 5-15% elsewhere, and ad-block users block the pixel request entirely. Server-side delivery, by contrast, runs from our infrastructure, independent of the browser. Your real numbers depend on your audience and setup.

First-party click capture that outlives the browser session

One lightweight script, served from your own domain, records everything about the click the moment the visitor lands, before redirects, checkouts, and cookie purges get a chance to destroy it.

  • Click IDs and UTMs, saved on landing

    fbclid, gclid, ttclid, wbraid and gbraid are read from the landing URL together with every UTM parameter, the referrer, and the landing path. All of it is then written to first-party storage tied to a persistent visitor ID.

  • Survives redirects and payment providers

    The click record lives on your domain, not in the URL. Checkout redirects, payment gateways, and email confirmation flows can strip query strings all they want: the original click is already stored.

  • Resilient against blockers

    Because the script and its collect endpoint are served same-site from your subdomain, generic third-party blocklists that kill pixel requests never match it.

  • Consent-aware by design

    The script integrates with your consent management, so capture follows the visitor’s choices and you decide which fields are stored and shared per platform.

captured click record
visitor_id
vst_9c42d1
fbclid
IwZXh0bgNhZW0CMTEAAR2k…
gclid
-
ttclid
-
utm_source
facebook
utm_medium
paid-social
utm_campaign
summer-sale-us
landing
/products/trail-jacket
referrer
l.facebook.com
first_seen
2026-06-14 09:41:22 UTC

From anonymous click to attributed order

A conversion is only a signal if you can prove which click caused it. We maintain the chain deterministically: click to session, session to user, user to order.

  1. ClickJun 14 · 09:41

    fbclid captured on landing, tied to visitor vst_9c42d1

  2. SessionJun 17 · 20:04

    Return visit recognized by the same first-party visitor ID, three days later and with no click ID in the URL

  3. UserJun 17 · 20:12

    jane@… creates an account; the email joins the visitor to a user record

  4. OrderJun 21 · 09:40

    Order #84213 · €184.50 arrives from the store, attributed to campaign summer-sale-us

  • Deterministic joins, not modeled guesses

    Matches are made on hard identifiers: the persistent visitor ID, the email or phone at signup and checkout, the customer ID on the store webhook. Every attribution is explainable, down to the row.

  • Works across days, devices, and channels

    A click on Tuesday, a signup on Thursday, a purchase the following week from another device: as long as one identifier connects the steps, the order resolves back to the original click and campaign.

  • Order-level attribution you can inspect

    Open any order and see the click that produced it: click ID, campaign, UTMs, landing page, and every session in between. Revenue per campaign stops being an estimate.

Server-side event delivery with a queue behind it

Events leave our infrastructure, not the visitor's browser. Nothing depends on a tab staying open, a script loading, or an API being up at the exact moment of purchase.

event log · live
timeeventdestinationevent_idstatus
09:41:07PurchaseMeta CAPIord_84213delivered
09:41:07PurchaseGoogle Adsord_84213delivered
09:41:08CompletePaymentTikTok Eventsord_84213retrying
09:38:54LeadMeta CAPIld_11930delivered
09:36:12purchase (GA4)Measurement Protocol84212delivered
09:31:40PurchaseGoogle Adsord_84209failed

Durable queue, zero fire-and-forget

Every conversion is persisted before delivery is attempted. A platform outage, a rate limit, or an expired token can delay an event, but it never silently drops one.

Retries with exponential backoff

Transient errors and 5xx responses are retried automatically with increasing delays. Events that exhaust their retries are parked for review instead of disappearing.

Full request & response audit

Every attempt stores the exact payload sent and the exact response the platform returned. When something fails, you see the error code and can replay the event after fixing it.

Read how delivery works per destination:

Meta Conversions APIGoogle Ads & GA4TikTok Events API

Run alongside your pixel without double counting a single sale

You don't have to rip out the browser pixel to go server-side. Both report the same conversion, and the platforms keep exactly one copy, because both copies carry the same deterministic event ID.

browser pixel
Purchase · event_id: ord_84213
RoasProof server event
Purchase · event_id: ord_84213 + em, ph, fbc, value
what the platform counts
1 × Purchase · €184.50
  • IDs derived from your order IDs

    The event ID is a stable function of the order: ord_84213 is ord_84213 whether the pixel fires it, our server sends it, or you replay it a week later. Timestamps and randomness never enter into it.

  • The script coordinates with your pixel

    At fire time, our on-page script hands the same event ID to the browser pixel that the server event will carry, so Meta, Google, and TikTok can pair the two copies with certainty.

  • The richer event wins

    When the platform discards the duplicate, what survives is the version with hashed identifiers, recovered click IDs, and full order data. Whenever the browser copy was thinner, that means the server one.

New to the mechanics? The glossary explains event deduplication and how a stable event_id is constructed.

A signal-quality dashboard, so you know before the algorithm does

Tracking that fails silently is worse than no tracking, because the platforms just optimize on whatever arrived. The dashboard shows exactly what was delivered, what failed, and how well events are matching, per platform.

4,182
delivered · 24h
12
failed · 24h
96%
dedup pair rate
match rate by destination
Meta CAPI91%
Google Ads88%
TikTok Events84%
  • Delivered vs. failed, per platform

    Counts, trends, and the error behind every failure (expired access token, invalid conversion action, rate limit), surfaced the moment it happens, not in next month’s ROAS review.

  • Match rates where they matter

    See what share of events carried each matching key per destination: email, phone, click ID, or browser IDs. When match quality dips, you know exactly what to fix.

  • Event-level drill-down

    Click any event to inspect the payload that was sent and the response the platform returned. No more guessing whether the conversion “probably” made it.

Match rate on this dashboard is the operational cousin of Meta's Event Match Quality score. The glossary entry explains how the score is calculated and what moves it.

Your own first-party tracking domain

The script and its collect endpoint are served from a subdomain you control, so data collection is genuinely first-party rather than a third-party request wearing a disguise.

dns · t.yourstore.com
typehostvaluestatus
CNAMEt.yourstore.comin.roasproof.comverified
TXT_sgnl.yourstore.comsgnl-verify=8f3a91c2…verified
TLSt.yourstore.comissued · auto-renewsactive
  • One CNAME record, verified automatically

    Point a subdomain like t.yourstore.com at us. We verify the DNS, provision a TLS certificate, and renew it automatically. The dashboard shows the status of both at all times.

  • Same-site requests, fewer losses

    Script and data requests originate from your own domain, so blocklists aimed at known tracker hostnames don’t apply, and first-party storage rules work in your favor.

  • Your domain, your data

    Click and session data is collected under a hostname you own. If you ever leave, the capture point was yours all along.

Workspaces for the team, an API for everything else

Workspaces & team access

Every brand or client lives in its own workspace with its own tracking domain, destinations, credentials, and event history, so nothing bleeds between accounts.

  • One workspace per brand or client, switchable in two clicks
  • Role-based access: owners manage credentials and billing, members work with events and reports
  • Per-workspace API keys and platform tokens, rotatable without touching other accounts
  • Built for agencies: clean separation for reporting, offboarding, and client audits

API + webhooks for custom stacks

Not on Shopify or WooCommerce? Send orders, leads, and custom events from any backend with one authenticated request. Identity resolution and delivery work exactly the same.

curl -X POST https://api.roasproof.com/v1/events \
  -H "Authorization: Bearer sk_live_…" \
  -H "Content-Type: application/json" \
  -d '{
    "type":       "order.created",
    "order_id":   "84213",
    "email":      "jane@acme.com",
    "value":      184.50,
    "currency":   "EUR",
    "visitor_id": "vst_9c42d1"
  }'
  • REST endpoints for orders, leads, refunds, and custom events
  • Outbound webhooks notify your systems about delivery failures and daily signal summaries
  • Scoped keys per workspace, so a compromised key never exposes another client

Start sending signals your ad platforms can actually use.

Connect your store, verify your events, and watch match quality climb. Free 14-day trial, no credit card required.