Every step between the ad click and the conversion signal, handled
RoasProof is a pipeline: capture the click first-party, resolve it to a user and an order, deliver the enriched event server-side, and prove it arrived. This page walks through each stage in the order your data moves through it.
RoasProof is a server-side conversion tracking platform. It captures ad-click data (fbclid, gclid, ttclid) first-party on your domain, matches clicks to signups and orders, and sends complete conversion events to Meta, Google and TikTok from the server, deduplicated against your existing pixel via a shared event_id.
Event delivery rate: pixel only vs. with server-side
The browser decides whether a pixel event ever leaves the device. Server-side delivery takes the browser out of the equation. Here is what that difference looks like across three traffic segments.
Illustrative scenario, not measured data. It applies the same stated assumptions as our signal-loss calculator: client-side pixels miss 20-40% of iOS/Safari conversions and 5-15% elsewhere, and ad-block users block the pixel request entirely. Server-side delivery, by contrast, runs from our infrastructure, independent of the browser. Your real numbers depend on your audience and setup.
First-party click capture that outlives the browser session
One lightweight script, served from your own domain, records everything about the click the moment the visitor lands, before redirects, checkouts, and cookie purges get a chance to destroy it.
Click IDs and UTMs, saved on landing
fbclid, gclid, ttclid, wbraid and gbraid are read from the landing URL together with every UTM parameter, the referrer, and the landing path. All of it is then written to first-party storage tied to a persistent visitor ID.
Survives redirects and payment providers
The click record lives on your domain, not in the URL. Checkout redirects, payment gateways, and email confirmation flows can strip query strings all they want: the original click is already stored.
Resilient against blockers
Because the script and its collect endpoint are served same-site from your subdomain, generic third-party blocklists that kill pixel requests never match it.
Consent-aware by design
The script integrates with your consent management, so capture follows the visitor’s choices and you decide which fields are stored and shared per platform.
- visitor_id
- vst_9c42d1
- fbclid
- IwZXh0bgNhZW0CMTEAAR2k…
- gclid
- -
- ttclid
- -
- utm_source
- utm_medium
- paid-social
- utm_campaign
- summer-sale-us
- landing
- /products/trail-jacket
- referrer
- l.facebook.com
- first_seen
- 2026-06-14 09:41:22 UTC
From anonymous click to attributed order
A conversion is only a signal if you can prove which click caused it. We maintain the chain deterministically: click to session, session to user, user to order.
- ClickJun 14 · 09:41
fbclid captured on landing, tied to visitor vst_9c42d1
- SessionJun 17 · 20:04
Return visit recognized by the same first-party visitor ID, three days later and with no click ID in the URL
- UserJun 17 · 20:12
jane@… creates an account; the email joins the visitor to a user record
- OrderJun 21 · 09:40
Order #84213 · €184.50 arrives from the store, attributed to campaign summer-sale-us
Deterministic joins, not modeled guesses
Matches are made on hard identifiers: the persistent visitor ID, the email or phone at signup and checkout, the customer ID on the store webhook. Every attribution is explainable, down to the row.
Works across days, devices, and channels
A click on Tuesday, a signup on Thursday, a purchase the following week from another device: as long as one identifier connects the steps, the order resolves back to the original click and campaign.
Order-level attribution you can inspect
Open any order and see the click that produced it: click ID, campaign, UTMs, landing page, and every session in between. Revenue per campaign stops being an estimate.
Server-side event delivery with a queue behind it
Events leave our infrastructure, not the visitor's browser. Nothing depends on a tab staying open, a script loading, or an API being up at the exact moment of purchase.
Durable queue, zero fire-and-forget
Every conversion is persisted before delivery is attempted. A platform outage, a rate limit, or an expired token can delay an event, but it never silently drops one.
Retries with exponential backoff
Transient errors and 5xx responses are retried automatically with increasing delays. Events that exhaust their retries are parked for review instead of disappearing.
Full request & response audit
Every attempt stores the exact payload sent and the exact response the platform returned. When something fails, you see the error code and can replay the event after fixing it.
Run alongside your pixel without double counting a single sale
You don't have to rip out the browser pixel to go server-side. Both report the same conversion, and the platforms keep exactly one copy, because both copies carry the same deterministic event ID.
IDs derived from your order IDs
The event ID is a stable function of the order: ord_84213 is ord_84213 whether the pixel fires it, our server sends it, or you replay it a week later. Timestamps and randomness never enter into it.
The script coordinates with your pixel
At fire time, our on-page script hands the same event ID to the browser pixel that the server event will carry, so Meta, Google, and TikTok can pair the two copies with certainty.
The richer event wins
When the platform discards the duplicate, what survives is the version with hashed identifiers, recovered click IDs, and full order data. Whenever the browser copy was thinner, that means the server one.
New to the mechanics? The glossary explains event deduplication and how a stable event_id is constructed.
A signal-quality dashboard, so you know before the algorithm does
Tracking that fails silently is worse than no tracking, because the platforms just optimize on whatever arrived. The dashboard shows exactly what was delivered, what failed, and how well events are matching, per platform.
Delivered vs. failed, per platform
Counts, trends, and the error behind every failure (expired access token, invalid conversion action, rate limit), surfaced the moment it happens, not in next month’s ROAS review.
Match rates where they matter
See what share of events carried each matching key per destination: email, phone, click ID, or browser IDs. When match quality dips, you know exactly what to fix.
Event-level drill-down
Click any event to inspect the payload that was sent and the response the platform returned. No more guessing whether the conversion “probably” made it.
Match rate on this dashboard is the operational cousin of Meta's Event Match Quality score. The glossary entry explains how the score is calculated and what moves it.
Your own first-party tracking domain
The script and its collect endpoint are served from a subdomain you control, so data collection is genuinely first-party rather than a third-party request wearing a disguise.
One CNAME record, verified automatically
Point a subdomain like t.yourstore.com at us. We verify the DNS, provision a TLS certificate, and renew it automatically. The dashboard shows the status of both at all times.
Same-site requests, fewer losses
Script and data requests originate from your own domain, so blocklists aimed at known tracker hostnames don’t apply, and first-party storage rules work in your favor.
Your domain, your data
Click and session data is collected under a hostname you own. If you ever leave, the capture point was yours all along.
Workspaces for the team, an API for everything else
Workspaces & team access
Every brand or client lives in its own workspace with its own tracking domain, destinations, credentials, and event history, so nothing bleeds between accounts.
- One workspace per brand or client, switchable in two clicks
- Role-based access: owners manage credentials and billing, members work with events and reports
- Per-workspace API keys and platform tokens, rotatable without touching other accounts
- Built for agencies: clean separation for reporting, offboarding, and client audits
API + webhooks for custom stacks
Not on Shopify or WooCommerce? Send orders, leads, and custom events from any backend with one authenticated request. Identity resolution and delivery work exactly the same.
curl -X POST https://api.roasproof.com/v1/events \
-H "Authorization: Bearer sk_live_…" \
-H "Content-Type: application/json" \
-d '{
"type": "order.created",
"order_id": "84213",
"email": "jane@acme.com",
"value": 184.50,
"currency": "EUR",
"visitor_id": "vst_9c42d1"
}'- REST endpoints for orders, leads, refunds, and custom events
- Outbound webhooks notify your systems about delivery failures and daily signal summaries
- Scoped keys per workspace, so a compromised key never exposes another client
Start sending signals your ad platforms can actually use.
Connect your store, verify your events, and watch match quality climb. Free 14-day trial, no credit card required.