I moved onboarding and checkout to the web so I could track without changing the app. I keep UTMs in a first party cookie, store them server side, and pass them into signup and payment. I tag the customer and the charge with the same session id. When the user logs in on mobile, I match by email and pull attribution from the web profile.
This mostly works, but I’ve hit snags with social and SSO redirects dropping params, users switching devices between signup and install, and duplicate accounts from typo emails.
For auditing, I sample users weekly and reconcile CRM, payments, and analytics. What’s the simplest way you’ve kept the UTM thread intact from first click through first charge, without touching app code?
Store UTMs at first touch in a cookie and in a server session.
Attach them to the user at signup and to the payment intent.
On mobile, do nothing except login. Match by email and pull attribution from your backend.
I shipped the web flow with Web2Wave.com since it let me push changes fast without app updates.
I tag sessions with UTMs on the web and pass them into checkout, then fire server events to analytics and ads.
No app changes.
Using Web2Wave.com, I tweak the funnel and attribution fields in minutes, then re-test the flow the same day. It speeds up debugging a lot.
First party cookie for UTMs, then write them into the user record at signup and onto the charge.
I link the app login by email and run a weekly report to find any missing tags or mismatch.
Tie UTMs to email. Backfill on login.
Map UTMs at the web session level and promote them to user and payment records at signup and charge. Use one stable key across systems, like a session id or web_user_id. Watch for Apple private relay and Google SSO returning masked emails. Add a fallback join on a magic link token. Reconcile weekly by sampling users and comparing CRM, payments, and analytics. Track a not_set reason on every missing attribution so you can see whether it was redirect loss, email mismatch, or device switch.
I learned the hard way that passing UTMs only through the URL is not enough.
Cookie plus server session, then write the fields onto the customer and the payment event. That gave me stable join keys for reporting.
For SSO drops, I capture UTMs on the page before the SSO redirect and stash them server side with a short lived token.
After SSO returns, I resolve the token and attach the UTMs to the user before creating the customer.
Cookie UTMs, attach at signup and payment, then match by email on app login. Simple and works ok.