.svg)
Browser-based tracking is losing ground. Between cookie restrictions, ad blockers, and privacy updates from Apple and major browsers, the pixel data your ad platforms receive is increasingly incomplete. That means the algorithms powering your Meta, Google, and TikTok campaigns are optimizing on partial information, leading to wasted spend and missed opportunities.
The Conversion API (often called CAPI or server-side tracking) solves this by sending conversion events directly from your server to the ad platform's server, bypassing the browser entirely. When implemented correctly, it gives ad platforms richer, more reliable data so their algorithms can find more of the right customers for less money.
But the key phrase is "implemented correctly." A sloppy CAPI setup can cause duplicate events, mismatched data, or worse, feed bad signals to platform algorithms that actively hurt your campaign performance.
This guide walks you through the exact steps to implement Conversion API the right way, from planning your event strategy to validating that everything fires accurately. Whether you are setting this up for Meta, Google, or multiple platforms simultaneously, you will finish this guide with a clear, tested, and reliable server-side tracking setup.
And if you want to skip the heavy technical lift, we will also show you how tools like Cometly can handle server-side tracking and conversion syncing across all your ad platforms from a single dashboard.
Before you write a single line of code or configure a single API credential, you need a clear map of what you are tracking and where the data lives. Skipping this step is the number one reason CAPI implementations end up incomplete, inaccurate, or actively damaging to campaign performance.
Start by listing every meaningful conversion event in your funnel. Think beyond just "purchase." Depending on your business model, your priority events might include lead form submissions, phone call initiations, add-to-cart actions, checkout initiations, bookings, free trial signups, or demo requests. Rank them by their importance to your optimization goals, because not every event deserves equal weight in your API calls.
Next, document the full data flow for each event. Ask yourself three questions for every conversion point:
Where does the event originate? Is it a website action, an in-app event, a CRM status change, or a backend system trigger? Each origin point has different technical requirements for how you capture and relay the data.
What customer parameters are available at that stage? For a website form submission, you likely have email, phone, IP address, user agent, and the original click ID (fbclid, gclid, or ttclid) from the landing page. For a CRM-based event like "deal closed," you may have richer data like external customer IDs but you need to make sure the original click ID was captured and stored at the beginning of the funnel.
Where does the data need to end up? List every ad platform that needs to receive each event: Meta, Google, TikTok, Snapchat, Pinterest, or others. This determines how many API endpoints you need to send to and whether a multi-platform solution makes more sense than building individual integrations.
One critical decision at this stage is whether each event should be sent server-side only or through both the browser pixel and CAPI simultaneously. The recommended best practice from Meta and other platforms is to run both in parallel with deduplication enabled. This redundancy ensures that even if one channel fails (a user blocks the pixel, for example), the event still gets recorded. We will cover deduplication in detail in Step 4.
Document everything in a simple spreadsheet before moving forward. Understanding the different conversion tracking methods available will help you make informed decisions about which columns to include for event name, trigger source, available parameters, target platforms, and deduplication strategy.
With your event map in hand, it is time to set up the technical infrastructure. This step involves generating the credentials each platform requires and deciding on the server environment that will relay your events.
For Meta's Conversions API, navigate to your Meta Business Manager, open Events Manager, and select your pixel. Under the "Settings" tab, you will find the option to generate a system user access token. This token authenticates your server's requests to Meta's CAPI endpoint. Make sure the system user has the appropriate permissions on your ad account and pixel, and note your pixel ID, which you will include in every API call. For a deeper dive into this specific platform, check out our guide on setting up Conversion API Facebook.
For Google's Enhanced Conversions, the process runs through your Google Ads account. Go to Tools and Settings, then Conversions, and select the conversion action you want to enhance. Enable enhanced conversions and choose the API method if you are implementing server-side. You will also need to set up a Google Ads API developer token if you are building a direct integration, or connect through Google Tag Manager's server-side container.
For TikTok's Events API, log into TikTok Ads Manager, navigate to Assets, then Events, and create a new web event. Select "Events API" as the connection method. TikTok will provide an access token tied to your pixel ID, which works similarly to Meta's setup.
Beyond credentials, you need a server environment to act as the relay layer between your website or CRM and the ad platform endpoints. Your options include:
Direct server integration: Your own backend server receives event data and makes direct API calls to each platform. This gives you the most control but requires the most development work.
Server-side tag management: Tools like Google Tag Manager's server-side container let you route events through a managed server environment with less custom code.
Third-party platforms: Tools like Cometly connect to your ad platforms and CRM through a single integration, handling the API calls, credential management, and data routing across Meta, Google, TikTok, and others without requiring you to configure each platform individually. You can explore the top server-side conversion tracking tools to compare your options.
Whichever approach you choose, verify that your ad accounts, pixels, and datasets are properly linked before proceeding. A misconfigured permission level is a common source of silent failures where events are sent but never recorded.
This is where the technical implementation begins. The quality of your CAPI setup depends almost entirely on how complete and accurate your event payloads are. Sending events with minimal data is better than nothing, but it will not get you the match quality needed to meaningfully improve algorithm performance.
Every server-side event payload should include the following core components:
Event name: Use standardized event names where possible. Meta's standard events include "Purchase," "Lead," "InitiateCheckout," and "CompleteRegistration." Using standard names allows platforms to recognize and categorize your events correctly.
Event time: Send the Unix timestamp of when the conversion actually occurred. For real-time events, this is straightforward. For delayed CRM-based events (covered in Step 6), always use the original conversion timestamp, not the time the API call is made.
User data parameters: This is where match quality is won or lost. Include as many of the following as you have available: hashed email address, hashed phone number, IP address, user agent string, the fbp cookie value (Meta's first-party cookie), the fbc parameter (Meta's click cookie), and external user IDs from your CRM.
Click ID passthrough: This is one of the most commonly missed implementation details and one of the most important. When a user clicks your ad, the platform appends a click ID to the landing page URL: fbclid for Meta, gclid for Google, ttclid for TikTok. You must capture this ID on the landing page (typically via JavaScript reading the URL parameter), store it in a first-party cookie or your database, and pass it through your entire funnel to the server-side event. Without the click ID, your match quality drops significantly because the platform cannot deterministically tie the conversion back to the specific ad click. Understanding CAPI match rate will help you gauge how well your parameters are performing.
Custom data: For purchase events, include currency, value, content IDs, and content type. For lead events, include any relevant categorization data that helps the platform understand the conversion context.
On hashing: Meta and other platforms require SHA-256 hashing for all personally identifiable information before you send it. This includes email addresses, phone numbers, names, and addresses. Hash these fields on your server before including them in the payload. Fields like IP address, user agent, fbp cookie, and click IDs are sent in plain text without hashing.
A practical tip: normalize your data before hashing. For email addresses, lowercase the entire string and remove leading or trailing spaces. For phone numbers, include the country code and remove all non-numeric characters. Inconsistent formatting before hashing is a common cause of poor match quality even when the underlying data is correct.
If you are running both a browser pixel and CAPI simultaneously (which you should be), deduplication is not optional. Without it, every conversion gets counted twice: once from the pixel fire and once from the server-side API call. Double-counted conversions inflate your reported results, confuse platform optimization algorithms, and lead to poor bidding decisions based on artificially high conversion volumes.
The deduplication mechanism is straightforward in concept but requires careful implementation. Both the browser pixel event and the server-side CAPI event for the same conversion must include an identical event_id value. When the platform receives two events with the same event_id within a short time window, it recognizes them as the same conversion and counts only one.
Here is how to implement it correctly:
At the moment a conversion occurs on the client side (in the user's browser), generate a unique event ID. This can be a UUID, a timestamp combined with a random string, or any format that guarantees uniqueness per conversion event. Generate this ID using JavaScript at the moment the conversion action happens, before either the pixel or the server-side call fires.
Pass this event ID to two places simultaneously. First, include it in the browser pixel's event parameters when firing the standard pixel event. Second, pass it to your server (via a form field, a cookie, or an API call) so that your server-side CAPI call includes the exact same event_id value.
The critical requirement is that the event_id must be generated once per conversion and shared between both the pixel and the API call. If you generate separate IDs for each, deduplication fails entirely. This is one of the most common reasons why conversion tracking numbers are wrong for many advertisers.
To diagnose deduplication issues, use Meta's Events Manager deduplication tab, which shows you how many events were received via browser versus server and how many were successfully deduplicated. If you see conversion counts that are roughly double what you expect, or if the deduplication rate is very low, trace back to how your event IDs are being generated and passed.
For Google, conversion diagnostics in your Google Ads account will flag duplicate conversions if your enhanced conversions setup is recording the same event multiple times. The fix follows the same principle: a shared transaction ID or order ID passed to both the tag and the API call.
One practical safeguard: log every event ID your server sends to your ad platforms in your own database. This creates an audit trail that makes debugging deduplication issues much faster.
You have configured your credentials, implemented your event payloads, and set up deduplication. Now you need to verify that everything actually works before you rely on this data for campaign optimization.
Each major platform provides testing tools designed specifically for this purpose. Use them before going live.
Meta's Test Events tool is inside Events Manager under the "Test Events" tab. It provides a test event code that you include in your API calls during testing mode. When you fire a test conversion, you can watch it appear in real time in the Events Manager interface, complete with the parameters received, the match quality score, and any warnings about missing or incorrectly formatted fields. This is your primary validation tool for Meta CAPI.
Google Tag Assistant supports server-side container debugging and lets you inspect the events flowing through your GTM server container before they reach Google's endpoints. For direct API implementations, use the Google Ads conversion diagnostics dashboard to confirm that enhanced conversions are being received and matched correctly.
TikTok's Events API diagnostics in TikTok Ads Manager show you event delivery status, error rates, and match quality indicators for your server-side events. If you are running TikTok campaigns, our guide on how to track TikTok ad conversions accurately covers platform-specific validation in more detail.
When validating, trigger real conversions in a test environment rather than simulating them. Go through your actual funnel, submit a real test lead, complete a test purchase, or trigger whatever conversion events you have implemented. Then verify in the platform's event logs that the event appeared with the correct name, value, timestamp, and deduplication status.
Pay close attention to Meta's Event Match Quality (EMQ) score, which ranges from 1 to 10. Meta officially recommends aiming for a score above 6.0. Your EMQ score reflects how well the user data in your events can be matched to actual Facebook users. To improve it, focus on including more customer parameters in your payloads: email, phone number, external ID, the fbp cookie, the fbc parameter, client IP address, and user agent. Each additional parameter you include has the potential to raise your score.
If your EMQ score is low after initial testing, trace back to Step 3 and identify which parameters are missing or incorrectly formatted. The most common culprits are missing click IDs (fbclid not being captured and passed through the funnel), unhashed PII fields, or inconsistently normalized data before hashing.
Do not move forward until your test events show clean delivery, accurate values, and a match quality score that meets the platform's recommended threshold.
Most marketers stop their CAPI implementation at front-end events: form submissions, add-to-cart actions, purchases on the website. This is a significant missed opportunity, especially for B2B businesses, high-consideration purchases, or any business where the real value of a customer is not determined at the moment of the first conversion.
Think about what happens after a lead form is submitted. The lead enters your CRM, goes through a qualification process, gets nurtured, has sales conversations, and eventually either converts to a paying customer or does not. If your ad platform only knows about the form submission, it optimizes to find more people who fill out forms, not more people who become paying customers. These two audiences can be very different.
By sending CRM-based conversion events back to your ad platforms via CAPI, you give their algorithms revenue-level signals. The ability to track offline conversions from online ads is what separates basic tracking from a truly revenue-optimized setup. Map your CRM pipeline stages to meaningful conversion events: "Qualified Lead," "Opportunity Created," "Proposal Sent," "Deal Closed Won." Each of these can be sent as a server-side event to Meta, Google, or TikTok with an associated value that reflects the revenue impact.
The technical requirement for CRM-based events is the same as for real-time events, with one important addition: you must preserve the original click ID and timestamp from when the lead first entered your funnel. When someone clicks your Meta ad and fills out a form, capture and store their fbclid along with the timestamp of that click in your CRM record. When that lead later converts to a customer, your CRM-to-CAPI pipeline sends the "Deal Closed" event with that original fbclid and the original click timestamp, allowing Meta to correctly attribute the revenue back to the specific ad that drove the initial click.
This is where Cometly provides significant value. Cometly connects directly to your CRM and automatically syncs downstream conversion events back to Meta, Google, and other ad platforms. Understanding conversion sync technology helps explain how this automated pipeline works. Instead of building a custom pipeline to extract CRM data, map it to event payloads, handle click ID lookups, and manage API calls to multiple platforms, Cometly handles all of it through a single integration.
The impact of this approach is substantial. When ad platforms receive revenue-level data rather than just lead volume data, their optimization algorithms shift their targeting toward audiences that actually produce paying customers. This typically results in higher-quality leads, better return on ad spend, and a clearer picture of which campaigns are actually driving business growth versus just filling your CRM with unqualified contacts.
A CAPI implementation is not a set-it-and-forget-it project. API versions change, access tokens expire, platform requirements evolve, and your own funnel changes over time. Without ongoing monitoring, a silent failure in your server-side tracking can go undetected for weeks, leaving your ad platforms optimizing on stale or incomplete data.
Build a weekly monitoring routine that covers the following checkpoints:
Event delivery rates: Compare the number of conversions recorded in your source of truth (your CRM, your order management system, or your analytics platform) against what each ad platform reports. Significant discrepancies warrant investigation. Platforms frequently suffer from underreporting conversions, so knowing your baseline numbers is essential.
Match quality scores: Check your EMQ scores in Meta Events Manager weekly. A sudden drop often indicates a parameter that stopped being passed correctly, such as a code change that broke click ID capture or a form update that stopped collecting phone numbers.
Error logs: Your server-side implementation should log every API response from each platform. Review error logs regularly and set up alerts for error rates above a defined threshold.
Token expiration: System user access tokens can expire or be revoked. Add a calendar reminder to audit your active tokens quarterly and rotate them proactively rather than discovering they expired when conversions stop flowing.
When you are ready to scale your CAPI setup to additional platforms like TikTok, Snapchat, or Pinterest, the same server-side infrastructure you built for Meta and Google can be extended. Each platform follows a similar server-to-server model with its own access token and endpoint. Alternatively, Cometly's multi-platform conversion sync manages this expansion from a single dashboard, letting you add new ad platforms without rebuilding your tracking infrastructure from scratch.
Before considering your implementation complete, run through this final checklist: all priority conversion events are firing correctly, deduplication is confirmed and working, match quality scores are above platform thresholds, CRM events are syncing with original click IDs and timestamps, monitoring alerts are active, and ownership for ongoing maintenance is assigned to a specific person or team.
Implementing Conversion API correctly is not a one-time checkbox. It is an ongoing system that, when built right, gives your ad platforms the accurate and rich data they need to find your best customers and optimize spend effectively.
To recap the essential steps: map your events and data flow before touching any code, generate the right credentials and platform access, implement server-side events with complete parameters and proper hashing, set up deduplication so you never double count, validate everything with platform testing tools, connect your CRM for downstream revenue signals, and build a monitoring routine to keep it all running smoothly.
Each step builds on the last. Skipping the planning phase leads to incomplete parameters. Incomplete parameters lead to poor match quality. Poor match quality means the algorithms cannot do their job, and your ad spend suffers for it.
If the technical complexity of managing CAPI across multiple platforms feels overwhelming, Cometly was built to handle exactly this. With server-side tracking, automatic conversion syncing, and multi-touch attribution all in one platform, you can skip the custom development and start feeding better data to your ad platforms today.
The result is smarter algorithms, lower acquisition costs, and clear visibility into what is actually driving revenue. Ready to see it in action? Get your free demo and start capturing every touchpoint to maximize your conversions.
