Use a function to generate a UID2.0 token

This article describes how to use a visitor function to generate a UID2.0 token for a user and save it in the visitor profile.

This token can be used in The Tradedesk connector and other supported outbound connectors.

Unified ID 2.0 (UID2) is an open source ID framework created by The Tradedesk, which can be used instead of of third-party cookies. UID2 is a deterministic user identifier based on user PII, such as an email address. The UID is hashed and encrypted to create a UID2 token that is returned in the response to a UID2 request. For more information, see the Tradedesk UID2 documentation.

Generate a UID2.0 and store it in a visitor profile

We recommend using a visitor function to generate the UID2 token. For more information on visitor functions, see About event and visitor functions.

The visitor function does the following:

  • Generates a UID2 token if the visitor does not have a UID2 token assigned.
  • Sends an event containing the UID2 token and tealium_visitor_id to Tealium Collect.

The AudienceStream attribute and visitor attribute are enriched by the event sent from the function. The following figure illustrates the process of getting an UID2 token and saving it in the visitor profile:



  • Choose a PII attribute to use as an identifier for your users. UID2.0 currently supports a phone number or an email address identifier.
  • Create a visitor attribute to store the UID2 token. For more information on creating attributes, see Using Attributes.
  • Create an event attribute for the UID2 token, which will be used to enrich the visitor attribute. For more information on creating attributes, see About attributes.
  • Add an enrichment to enrich the UID2 visitor attribute with the value of the event UID2 attribute. For more information on adding an enrichment, see About enrichments.

Create an audience to trigger the function

To trigger your function, create an audience with the following conditions:

  • Identifier is assigned. Identifier is the PII attribute selected to identify your users.
  • Token is not assigned. Token is the attribute in which the UID2.0 token is stored after it is generated.

For example:


For more information on creating an audience, see Building an Audience.

Create a visitor function to generate a UID2 token

When you create your function and select the audience, leave Trigger On set to the default value, which is Joined Audience.

An API key is required to send requests to the Unified ID 2.0 API. Tealium has partnered with The Tradedesk to provide a managed API key that can be used in functions. After you have created your function, add UID2 authentication to your function to obtain the UID2.0_Tealium API key.

You can delete the default code that is displayed for a visitor function, then copy and paste the example code below and modify it as needed.

Example code to generate a UID 2.0 token

This example function uses an email address as the user identifier, but can be adapted to use other identifiers.

In this code, an attribute ID is used to get the value of the email attribute. There is a comment above this line of code indicating what needs to be updated. Update the attribute ID with the correct value for the attribute you’re using.

import { visitor, auth, tealium } from "tealium";
import CryptoES from 'crypto-es';

const options = {
    "sendHashedOnly": false

function validateEmail(email) {
    const re = /^(([^<>()[\]\\.,;:\s@"]+(\.[^<>()[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/;
    return re.test(String(email.trim()).toLowerCase());

function isGmail(email) {

    const re = /([a-zA-Z0-9]+)([\.{1}])?([a-zA-Z0-9]+)\@gmail([\.])com/g;
    return re.test(String(email).toLowerCase());

function normalizeEmail(email) {
    /* Start specific normalization for addresses */
    if (isGmail(email)) {
        email = email.split("@")[0].replace(/\./g, '') + "@" + email.split("@")[1];
        email = email.replace(/\+/g, "");
    /* End gmail normalization */

    //Trim email
    email = email.trim();

    return email;

function checkSHA256(emailHash) {
    // Regular expression to check if string is a SHA256 hash
    const regexExp = /^[a-f0-9]{64}$/gi;

    // String with SHA256 hash
    const str = emailHash;

    return regexExp.test(str); // true

async function runFunction() {
    const data = {
        email: ""
    let bodyObj = {}; = visitor.getAttributeValueById("5006");
    if (validateEmail( { //Unencrypted email = normalizeEmail(;
        if (options.sendHashedOnly) {
            bodyObj = {
                email_hash: [CryptoES.SHA256(]

        } else {
            bodyObj = {
                email: []
    } else if (checkSHA256( {
        // It's a hash
        bodyObj = {
            email_hash: []
    } else {
        return false; //Non valid email
    const url = '';
    if (url) {
        const response = await fetch(url, {
            method: 'POST',
            headers: {
                'Authorization': ' Bearer ' + auth.get('UID2.0_Tealium'),
                'Content-Type': 'application/json'
            body: JSON.stringify(bodyObj)
        return response;
    } else {
        return false; // A url hasn't been provided.

runFunction().then(response => {
    let event_data = {
        tealium_event: "UID 2.0 sync",
        identifier: JSON.parse(response.body).mapped[0].identifier,
        UID2: JSON.parse(response.body).mapped[0].advertising_id,
    if (event_data.tealium_visitor_id && event_data.UID2) {

Was this page helpful?

This page was last updated: January 7, 2023