Core Issue:
A developer seeks to access Shopify’s Consent API state server-side in Liquid templates to conditionally load external tracking scripts based on user consent, similar to how Shopify’s native Google Analytics implementation works.
Current Limitation:
No server-side Liquid solution exists for querying consent status (methods like userCanBeTracked and getTrackingConsent are not available in Liquid).
Workaround Solution:
Implement client-side JavaScript using Shopify’s window.Shopify.customerPrivacy API:
Insert code below {{ content_for_header }} in theme.liquid or use a Custom Liquid block
Use visitorConsentCollected callback to trigger tracking scripts
Check consent with methods like analyticsAllowed() and marketingAllowed() before loading scripts
Dynamically append tracking script elements to DOM when appropriate consent is granted
Key Technical Notes:
Static <script src="..."> tags need conversion to dynamic script element creation
Different tracking services require checking different consent types (analytics vs. marketing)
Scripts load immediately when consent is given, not just on next page view
API Update: thirdPartyMarketingAllowed() method has been renamed to marketingAllowed() in current API version.
Status: Resolved via client-side workaround; no native server-side solution available.
Summarized with AI on November 10.
AI used: claude-sonnet-4-5-20250929.
since there’s no hint in the docs that this is doable, I’m afraid I’ll have to live with a No, but maybe there’s some undocumented possibility to achieve this:
Is it possible to get the state of the Consent API in Liquid as well?
I want to load external tracking scripts only when tracking consent is given and/or tracking is generally allowed. Shopify’s native Google Analytics implementation appears to do exactly this, for example. So I’d like to do something like this in my theme liquid:
{% if visitor.can_be_tracked %}
<script async src="https://url.to/trackingscript.js"></script>
{% endif %}
(this obviously doesn’t work)
It is possible to muddle something together in JavaScript, essentially appending the element dynamically to the DOM after querying the Consent API state, but I’d find it more elegant not to bother the browser/client at all with this.
quick question. Did you ever solve this? One of our clients wants to implement server side tagging on their site and Shopify plugins seem to be very “idependent”. Plugin A doesn’t know about what plugin B is doing. So my problem is: How can I run a script depending on how the consent decision has been made? How did you solve this? Did you ever find a solution?
We might want to share the solution here for other people to find.
I’m afraid not, we have to go the JavaScript way. What I did:
Somewhere below the {{ content_for_header }} line in theme.liquid (or, if you don’t want to meddle in your theme’s code, create a “Custom Liquid” block in your header or footer section), inserted this code:
A few notes:
I took MS Clarity and MS Bing Conversion tracking because they provide dynamically created code, you’ll have to convert that
Also, those two examples show the “Analytics allowed” vs “Third Party Marketing allowed” consent options
Since I didn’t really dig deeper into Shopify’s logic, I just went for “Each snippet function queries the window.Shopify.customerPrivacy.***allowed() for itself” way because I don’t know if that’s already set when the callback function is called. This can probably be solved in a more elegant way.
…and the callback+event handling could probably also be more elegant, I was just too lazy to dig deeper into the Consent API logic regarding the point in time the callback is called/visitorConsentCollected is fired exactly. But it works: This way, when the Consent API is loaded on a page view where the visitor has already made their choice in the cookie banner before, it’ll just call the bingAds() and MSClarity() functions, which will check if their respective consent has been given, and do their thing; and in case there has no consent choice been made yet (i.e. the cookie banner is presented to the visitor), they’ll also be called as soon as the visitor saves their choices, so it will start tracking immediately, and not just after the next page view.
Feel free to use and/or refine this - I’m no developer, so please forgive my rather messy approach here.
Update: The thirdPartyMarketingAllowed() method is now called marketingAllowed(), so this is aforementioned code with the proper methods provided by the API, properly working as of the time of this post:
