Configure client-side delivery
This article describes how to configure First-Party Domains for Tealium iQ Tag Management client-side delivery.
Use the following steps to configure First-Party Domains for Tealium iQ Tag Management client-side delivery:
- In the user menu, select First-Party Domains.
- Under Client-Side Delivery, click Configure Certificate and select one of the following:
- Generate Certificate – Tealium generates and manages the certificates.
- Provide Certificate – Provide your own certificate files. For information about the requirements and format for certificate files, see Manage your own certificates.
- If you selected, Provide Certificate, upload the following files:
- Certificate (required)
- Private Key (required)
- Certificate Chain (optional)
- Select one of the following methods to validate domain ownership:
- DNS Validation
- Email Validation
- In the Add Domains section, enter a subdomain name, omitting
https://and the ending slash.
- To add another domain, click + Add Domain.
First-party domains apply to all profiles in your account. Enter a subdomain for each site managed by this account.
- Click I Agree to give Tealium permission to manage certificates for the provided subdomains and to certify you own and manage these subdomains, then click Save.
After you save your configuration,
- DNS validation – The screen is updated to display the temporary CNAME records (one for each subdomain) that are used for validation. Add these temporary CNAME records to your DNS configuration.
- Email validation – The following message is displayed:
- Complete the process for your validation method, as follows:
DNS validation: After you have added the validation CNAME records to your DNS configuration and the validation process is completed (this can take several hours), the permanent CNAME records for your subdomains are displayed. Add these permanent CNAME records to your DNS configuration.
Your DNS configuration must include the validation records and the permanent records. The validation records are used when you add subdomains to a certificate and for auto-renewal of the certificate.
Email validation: You will receive email from Amazon Web Services (one message for each subdomain) containing a validation token that expires in 72 hours. To complete the validation process, you must respond to the email message for each subdomain. If you did not receive the email or if the token has expired, in the Client-Side menu on the First-Party Domains Overview screen, click Resend Email.
The following message is displayed while your subdomain information is being validated:
Please wait while domain information is validated. This won't take long.
When the domain status in the First-Party Domains Overview is changed to Issued, your domains are ready to use.
Validation must occur within 72 hours. If the validation period expires, request a new certificate for the same subdomain. The DNS validation records are the same for subsequent requests of the same subdomain.
After the domain status is changed to Issued, you need to update your endpoint configuration to use first-party domains with Tealium iQ Tag Management. For more information, see Update endpoint configurations.
Thank you for your feedback!
This page was last updated: May 11, 2023