Skip to main content

[Growth Hub] Configure Consent Management

Keep tracking, cookies, and compliance from drifting out of sync.

Yasen Marinov avatar
Written by Yasen Marinov
Updated this week

If you are embedding Growth Hub and worried about privacy compliance, the usual problem is not knowing which cookies are actually active and whether user choices are being respected after a page reload. This article explains how consent is passed to the Growth Hub web component, what takes precedence, and how to avoid overwriting a user's saved choices.

Growth Hub stores consent once and reuses it. Your job is to pass the right signals at the right time, without resetting what the user already agreed to or declined.

In this article:

  • Understand which consent categories Growth Hub uses.

  • Pass consent through the component attribute.

  • Update consent using the postMessage API.

  • Know how cookies and defaults behave.

Prerequisites

Before you begin, ensure:

  • You have Growth Hub embedded as a web component.

  • You know your organization's slug.

  • You manage consent outside Growth Hub, for example, through a CMP or custom banner.

Google Tag Manager initialization and marketing consent

When Growth Hub manages your Google Tag Manager container (when skipGtmInitialization is not set or is false), the GTM container is initialized only if marketing consent is explicitly set to true.

This means if you rely on Growth Hub's internal GTM container to connect with your Google Analytics account, you must ensure that marketing consent is correctly passed to the web component via the consent attribute or postMessage API. If marketing consent is false, undefined, or not provided, the GTM container will not initialize, and your GA tracking will not receive events from Growth Hub.

Important: To verify GTM is working, check that marketing consent is being passed correctly and that the consent cookie (gh-webc-consent-cookie-{orgSlug}) contains "marketing": true for users who have given marketing consent.

Overview

Growth Hub supports consent management so you can control which cookies and trackers are used based on user choice. Consent can be passed in 2 ways:

  • As a consent attribute on the Growth Hub web component.

  • Programmatically through window.postMessage.

Both methods use the same consent structure and write to the same first‑party cookie. Once a user has made a choice, Growth Hub continues to use it unless you explicitly update it.

Understand consent categories

Growth Hub recognizes the following consent categories:

  • Functional: Cookies required for core functionality and personalization.

  • Analytics: Cookies used for usage tracking and product insights.

  • Marketing: Cookies used for advertising and remarketing.

The necessary consent category is always on and cannot be changed.

Method 1: Pass consent using the component attribute

You can pass consent directly on the Growth Hub web component using the consent attribute. The value must be a JSON object as a string.

HTML
<growth-hub
  slug="your-org-slug"
  consent='{
    "functional":true,
    "analytics":true,
    "marketing":false
  }'>
</growth-hub>

How attribute-based consent behaves

  • On initial load: If a consent cookie already exists (gh-webc-consent-cookie-{orgSlug}), cookie values take precedence over the attribute. This prevents overwriting an existing user choice.

  • On subsequent updates: Changing the attribute value updates consent and saves the new values to the cookie.

  • Partial updates: You can pass only the categories you want to update (for example, `{"marketing":true}`). Any category you omit keeps its previous value.

Example: Partial update – Update only marketing consent

HTML
<growth-hub
<!-- Only update marketing consent, preserve functional and analytics -->
  slug="your-org-slug"
  consent='{
    "marketing":true
  }'>
</growth-hub>

In this case, functional and analytics consent stay exactly as they were.

Method 2: Update consent using postMessage API

If your consent banner or CMP runs separately, you can push updates using window.postMessage.

JAVASCRIPT
window.postMessage(
   {
     type: 'userConsent',
     payload: {
       functional: true,
       analytics: true,
       marketing: false,
     },
   },
   '*'
);

Message format requirements

  • type: Must be userConsent.

  • payload: Can include any combination of functional, analytics, and marketing.

Example: Partial update via postMessage – Update analytics only

JAVASCRIPT
// Only update analytics consent
window.postMessage(
   {
     type: 'userConsent',
     payload: {
       analytics: true,
     },
   },
   '*'
);

All unspecified categories remain unchanged.

Consent data structure

Both methods accept the same consent object shape:

TYPESCRIPT
{
   functional?: boolean;   // Optional: enable/disable functional cookies
   analytics?: boolean;    // Optional: enable/disable analytics cookies
   marketing?: boolean;    // Optional: enable/disable marketing cookies
}

Notes:

  • All properties are optional – you can pass any combination of them.

  • Unspecified properties in partial updates will preserve existing values.

  • If no consent is provided, values default to false.

How consent is stored

Growth Hub saves consent preferences in a first‑party cookie on your domain: gh-webc-consent-cookie-{orgSlug}

This means:

  • User preferences persist across page reloads.

  • Reinitializing the component does not reset user consent preferences.

  • Saved consent (cookies) always takes precedence over initial attribute values to prevent overwriting saved preferences.

Google Consent Mode behavior

If the Growth Hub web component manages Google Tag Manager—meaning skipGtmInitialization is not set or is false—consent preferences are automatically synchronized with Google Consent Mode V2. This ensures proper compliance with Google's consent requirements for analytics and advertising.

Default behavior if you pass nothing

If no consent is provided via attribute or postMessage, the web component defaults to:

  • necessary: true (always enabled)

  • functional: false

  • analytics: false

  • marketing: false

No tracking starts until you explicitly update consent.

Configuration reference

Attribute

Type

Description

Example

consent

string

Stringified JSON object with optional functional, analytics, and marketing values. Unset categories default to false.

consent='{
"functional":true,
"analytics":true,
"marketing":false}'

Example usage

HTML
<growth-hub 
  slug="your-org-slug"
  consent='{
    "functional":true,
    "analytics":true,
    "marketing":false
  }'>
</growth-hub>

Best practices

  • If you use a CMP, send consent updates only after the user makes a choice

  • Avoid setting full consent objects repeatedly; partial updates reduce the risk of overwriting values

  • Test with page reloads to confirm the cookie is respected

If consent looks wrong, check the cookie value first. In most cases, the system is doing exactly what the last saved choice says.

Related Articles
Embed Growth Hub Into Your Marketing Website
Embed the Growth Hub Widget With the iframe Web Component
Did this answer your question?