Google Consent Mode v2
How OptinStack integrates with Google Tag Manager and Google Consent Mode v2.
OptinStack automatically integrates with Google Consent Mode v2 when Google Tag Manager is present on the page.
How It Works
On every consent state change, the SDK calls gtag('consent', ...) with the appropriate consent signals. The first call uses 'default', and subsequent calls use 'update'.
No additional setup is required — if window.dataLayer and window.gtag exist, the integration activates automatically.
Consent Signal Mapping
| GTM Parameter | OptinStack Category |
|---|---|
ad_personalization | marketing |
ad_storage | marketing |
ad_user_data | marketing |
analytics_storage | analytics |
functionality_storage | preferences |
personalization_storage | preferences |
security_storage | necessary |
Each parameter is set to 'granted' or 'denied' based on the corresponding OptinStack consent category.
Disabled categories
Project configuration can disable entire categories (for example, hide the marketing toggle in consent preferences). When a category is disabled in config, the SDK treats it as essential for enforcement purposes and sends granted for the mapped Google Consent Mode signals on that category. Disabled categories are not shown in the preferences UI and cannot be declined by visitors.
The first gtag('consent', 'default', …) call includes wait_for_update: 500 so tags loaded before the CMP finishes initializing wait briefly for an update call from OptinStack.
Example
When a user accepts all categories, the SDK sends:
gtag('consent', 'update', {
ad_personalization: 'granted',
ad_storage: 'granted',
ad_user_data: 'granted',
analytics_storage: 'granted',
functionality_storage: 'granted',
personalization_storage: 'granted',
security_storage: 'granted',
});When a user rejects all optional categories:
gtag('consent', 'update', {
ad_personalization: 'denied',
ad_storage: 'denied',
ad_user_data: 'denied',
analytics_storage: 'denied',
functionality_storage: 'denied',
personalization_storage: 'denied',
security_storage: 'granted', // necessary is always granted
});DataLayer Events
The SDK also pushes events to the dataLayer array for use in GTM triggers:
| DataLayer Event | When |
|---|---|
optinstack_gpc_signal_detected | On init, if Global Privacy Control is active |
optinstack_consent_updated | Every time consent state changes |
optinstack_necessary_accepted | First time necessary is granted (fires once) |
optinstack_analytics_accepted | First time analytics is granted (fires once) |
optinstack_marketing_accepted | First time marketing is granted (fires once) |
optinstack_preferences_accepted | First time preferences is granted (fires once) |
optinstack_unclassified_accepted | First time all four categories are granted (fires once) |
Using DataLayer Events in GTM
Create a custom trigger in GTM based on these events:
- Go to Triggers → New
- Select Custom Event
- Set the event name to
optinstack_analytics_accepted - Use this trigger on tags that should only fire after the user grants analytics consent
The -activated events fire only once per page load — they won't re-fire if consent is toggled off and on again.
Webflow Analyze
If your site uses Webflow Analyze (window.wf), the SDK automatically calls wf.allowUserTracking() or wf.denyUserTracking() based on the analytics consent category.