Normally, SGTM can read cookies just fine — as long as it’s running on the same domain as the site. But Shopify Checkout operates in a separate sandboxed environment, meaning cookies don’t get passed along when requests are sent to the server.
That’s bad news for Google Ads and Facebook Conversions API since click identifiers (gclid, fbclid) live in cookies but are suddenly invisible to SGTM.
Simo Ahava’s workaround is pretty smart:
1. Read the cookies on the client side. Since JavaScript still has access to cookies in the browser, you can grab the values there.
2. Pass them to server-side GTM. Instead of relying on cookies, you send the data as query parameters.
3. Fake it till you make it. sGTM reconstructs the URL with the necessary identifiers, tricking the system into thinking they were in cookies all along.
How does this help?
• For Google Ads, gclid is passed via a query parameter and restored in SGTM.
• For Facebook CAPI, fbclid is handled the same way, making sure conversions are properly tracked.
One catch…
This won’t let sGTM write cookies back to the browser, but it does ensure that clickIDs don’t vanish into the void.
Shopify keeps tightening restrictions to push users toward their built-in solutions, but as Simo Ahava points out, server-side GTM still lets you keep control of your data—if you play your cards right.
If you work with GA4 to BigQuery exports, be sure to check out my SQL cheat sheet.
