Skip to main content
Once the JavaScript agent is installed and initialized, call the get() function (or its SDK equivalent) to identify the browsers visiting your website. The get() function sends the collected browser signals to the Fingerprint Platform and returns a response containing the visitor ID for the browser and associated metadata. This guide covers best practices for timing identification requests, caching visitor IDs, and using linked IDs to associate your own identifiers with each visitor ID. To explore further, please refer to the JavaScript Agent API reference. If you are looking to identify mobile devices instead, see Android and iOS.
Note: The code snippets in this guide assume you have already set up some kind proxy integration for Fingerprint. Proxying requests through your own domain or subdomain like metrics.yourwebsite.com instead of connecting to Fingerprint servers directly helps avoid ad blockers and increases accuracy.See Installing the JavaScript agent and Evading ad-blockers (proxy integrations) for more details.

Timing identification requests

For most use cases, we recommend identifying the visitor on demand, when they perform a specific action:
  • Call start() as early as possible, ideally, right after the page loads.
  • Call get() only when needed (e.g., upon login or product selection).
  • Wait at least 1 second after calling start() before calling get(), to give the JavaScript Agent enough time to collect the required signals.
HTML
This just-in-time approach also helps you:
  • Ensure browsers are identified only after receiving the required consent.
  • Avoid unnecessary use of your billable API calls.
See Optimizing the JavaScript agent to learn more about deploying Fingerprint effectively.

Response

The get() function returns a promise of a response object with the visitor ID and other metadata.
JavaScript agent response limitationsNote that the response received by the JavaScript agent is limited on purpose. Since client-side code can be tampered with, we recommend consuming Fingerprint results securely through one of our server-side integrations. The full identification event including the visitor’s Smart Signals is available through the Server API, Webhooks, or Sealed results.See Protecting from client-side tampering to learn about getting Fingerprint results securely to your server.

Linking and tagging information

The visitor_id provided by Fingerprint Identification is especially useful when combined with information you already know about your users, for example, account IDs, order IDs, etc. You can follow user actions, track logged-in devices, and recognize malicious behavior. You can pass a linkedId or tag parameters to the get() function (or its equivalent in your SDK) to associate your own metadata with the visitor ID.
HTML
  • linkedId is a string you can use to filter identification events in the Dashboard or to filter visitor history using the Server API.
  • tag is a JavaScript object of any shape allowing you to store structured metadata. It is not indexed, you cannot use it to search for events.
For more details, see Linking and tagging information.

Caching the visitor ID

If your use case demands highly accurate identification, we recommend identifying the visitor on demand and always using a fresh visitor ID without caching. Depending on your use case, you can choose to cache (store) the visitor ID in the browser to:
  • Improve the responsiveness of your application.
  • Stay within the limits of your monthly allowance of API calls.
Caching visitor IDs for extended periods can significantly reduce identification accuracy. Make sure to understand caching best practices and implications before caching visitor IDs.

Caching using JavaScript agent

JavaScript agent provides caching out of the box but is disabled by default. To use it, you need to specify the cache option when initializing the agent.
HTML
The optimize-cost value caches visitor data for one hour. For all available cache configuration options, see CacheConfig in the start() function reference.

Cache expiration time

We strongly recommend a maximum cache expiration time of 1 hour. The properties (e.g. browser version, extensions, screen resolution, IP address, etc) that Fingerprint collects from a browser often change over time. When these incremental changes are captured as soon as they occur, Fingerprint can identify a returning browser with industry-leading accuracy. Using a longer expiration time leads to:
  • Lower identification accuracy. Fingerprint can miss out on the incremental changes thus increasing the risk of incorrectly identifying a returning browser as new.
  • Outdated Smart Signals information returned from the Server API.
  • Increased risk of replay attacks.

Cache location

We strongly recommend using sessionStorage to cache the visitor ID. Our data indicates sessionStorage is the best option to minimize the impact on identification accuracy compared to both localStorage and cookies.
Note: A cached visitor ID stored in sessionStorage, localStorage, and cookies will not be available if the user switches to or from Incognito mode.

What’s next