UserID modules: Implementation guidelines

[slimkrazy]

Type of issue

question

Description

Hi folks, I've got some general questions regarding UserID module implementation as I'm actually not sure what rules are in play here. I see some user ID modules directly accessing storage and writing to cookies / local storage, whilst others just leave Prebid core to manage this (respecting the publisher's expiry settings etc). So here are my questions:

1. Are UserID modules ok to load external scripts without special justification?
2. Are UserID modules free to generate say a GUID, store that for as many days as they choose?

What are the red lines?

Thanks

[patmmccann]

Officially, this is the answer https://docs.prebid.org/dev-docs/module-rules.html#:~:text=In%20order%20to%20be%20listed,standard%20or%20Prebid%20JavaScript%20functions.

We have tried to be reasonable and consistent, but it isn't always easy to be both. We've noticed client side entropy gathering via external js a la flashtalking is becoming more popular. We don't want those scripts linked from the project so no pub ever thinks we review or warranty them, so please make them a configuration parameter or just assume the pub has loaded them already via their own means (preferred). Any script loading needs to be excessively disclosed and the reason for it well documented.

2. yes this is typical behavior

[ChrisHuie]

If more questions arise around this please feel free to reopen and add new comments