Advanced Privacy guide & postback macros for ad networks

At a glance: Data sharing with partners when Advanced Privacy is enabled. Instructions for ad networks on setting up Advanced Privacy postbacks. Note! This article is not related to either SKAdNetwork postbacks nor is it intended for use by advertisers. 

Advanced Privacy for Ad Networks news

The Advanced Privacy postback mechanism described in this article works when all of the following are true:

  • The user device is running iOS 14.5+
  • Advanced Privacy is on


This article discusses: 

Ad network Advanced Privacy data-sharing principles

Starting iOS 14.5+ the AppsFlyer Aggregated Advanced Privacy Framework (AAP) provides advertisers with the ability to control the availability of user-level attribution data provided via the AppsFlyer platform. 

In the context of ad networks, the AAP framework is implemented using Advanced Privacy (AP). For ease of understanding, the terms Advanced Privacy and AP are used interchangeably in this article. 

AP doesn't impact the availability of aggregated data available to partners or ad networks.  

What data is affected by AP

When AP is on, user-level data for non-consenting users running iOS 14.5+ is not available via postbacks or other reporting methods including Protect360 fraud-related reports.

In the context of postbacks it means that different types of postbacks are used depending on a user's ATT consent status and other factors. 

You can view the current AP setting, per app: In AppsFlyer, from the side menu, select Collaborate > Active Integrations > select your ad network > Integration tab. The default setting is on. 


Types of templates for sending postbacks

  • Regular template: Your existing integration template with AppsFlyer with user-identifier and attribution-data macros. This template is used for sending postbacks containing user-level attribution data. 
  • Advanced Privacy template: A template with no user-identifier macros. This template is used for sending postbacks containing aggregated attribution data. 
    Note: If an AP postback is required and you haven't completed AP integration, no postback is sent. You can set up AP integration using our self-service Postback Management tool.


  • If a user gives ATT consent in the apps of both the advertiser and the publisher ("dual consent"), regular postbacks are sent to both the attributed and non-attributed ad networks.
  • Exception: For installs attributed to Apple Search Ads (ASA), ASA sends install postbacks to the ad network even when Advance Privacy is turned on for the advertiser in the following conditions:
    • the user didn't give consent
    • install postback on the ad network was set to All media sources, including organic 
    • the ad network doesn't support Advanced Privacy

Type of postback used 

The following table is applicable to the data of users running iOS 14.5+.

Note! If the iOS version is 14.4 or before, the table that follows isn't applicable. It means that postbacks using the regular template are sent to both the attributed and non-attributed ad network. 

Postback type for iOS 14.5+

AP status

ATT status Postback template type to attributed partner* supporting AP  Postback template type to attributed partner* not-supporting AP  Unattributed postback partner*

Publisher app

Advertiser app



Not authorized

AP template (aggregated data)

No postback



Not authorized


AP template (aggregated data)

No postback

Regular template

Attribution fields aren't available.*




Regular template. This includes available IDs like: IDFA, IDFV, CUID, Click ID and attribution fields. 

Regular template. This includes available IDs like: IDFA, IDFV, CUID, Click ID and attribution fields.  Regular template including available IDs. Attribution fields aren't available.*


Not authorized

Not authorized

AP template (aggregated data)

No postback



Not considered

Not considered

Regular template

Regular template

Regular template.

Attribution fields aren't available.*

(*) Principles for data sharing with partners

For any given event, multiple ad network partners may be entitled to a postback. The postbacks sent are as follows:

  • Attributed partner: Ad network credited with the event
  • Unattributed partner: Integrated partner not credited with the event, when the In-app events postback > Sending option is set to All media sources including organic. If the advertiser app has ATT consent, the postback contains user IDs without attributed data. (This option is not supported by all ad networks.)


Web campaigns

AP behaves differently when the ad network serves an ad on the web.

To indicate whether a click came from the web or from an app, you must send the af_media_type=web or af_media_type=app parameter in the click URL.

If you don't send af_media_type, the default is app.

Postback type used for iOS 14.5+ when AP is on

ATT status Postback type to attributed partner* Postback type to unattributed partner*

Publisher app

Advertiser app


Not authorized

Advanced Privacy




Regular. User-level with the following IDs: IDFA, IDFV, CUID, Click ID.

Regular. User-level IDs only.


Update your click URLs and complete Advanced Privacy integration.

Click URL requirements

In many cases, depending on user ATT consent, IDFA will be unavailable in the publisher app, the advertiser app, or both. In these instances, AppsFlyer may perform attribution using Aggregated Advanced Privacy and probabilistic modeling.

[Best practice] To maximize your attributions, send all parameters listed.

  1. Append the following parameters to click URLs:
    Identifier Click parameter





    Campaign ID






    Adset ID






    Ad ID



    Site ID



    Subsite ID






    Ad type



    iOS device model*


    The device model. Values permitted:

    • iphone (all lower case)
    • ipad (all lower case)

    Operating system*


    The operating system version

    * Some information may also be provided via the user agent. In this case, the value sent using the specific identifier takes precedence.

    Append campaign details to the click URL

    The example that follows shows how to add your campaign details to the click URL:{CampaignName}&af_c_id={CampaignID}&af_adset={adset name}&af_adset_id={adset ID}&af_ad={ad name}&af_ad_id={ad ID}&af_ad_type={Ad type}&af_siteid={PublisherId}
  2. Add the following mandatory parameters to click URLs*:


    If your click URL does not pass the mandatory parameters, you will not be credited with the majority of installs you drive.

    • IP 
    • User-agent 

    * No action is required when sending a click using a simple HTTP referrer that redirects to AppsFlyer. 

    Use the extraction method described to append the parameters to the click URL when using either of the following methods: 

    • Redirect via in-app 
    • Server-to-server clicks (aka, S2S) 

    Parameters for Advanced Privacy attribution



    Extraction method

    Device language and locale



    NSString *language = [[NSLocale preferredLanguages] objectAtIndex:0];

    [Recommended] Provide the language and locale; for example, en-US.




    Extract the user-agent with the format:

    +like+Mac+OS+X%29 AppleWebKit%2F605.1.15+%28KHTML%2C
    • Do not extract the CFNetwork user-agent, extract the other one. 
    • The user-agent should be URL encoded.

    Device IP address



    Best option: If available, provide the device IP under the af_ip parameter.

    Next option: If available, AppsFlyer will use the IP in X-Forwarded-For.

    Append parameters to the click URL

    To pass these mandatory parameters on the click attribution link, use this reference:{CampaignName}&af_c_id={CampaignID}&af_adset={adset name}&af_adset_id={adset ID}&af_ad={ad name}&af_ad_id={ad ID}&af_ad_type={Ad-type}&af_siteid={PublisherId}&af_ua={USER-AGENT}&af_lang={LANGUAGE}&af_ip={IP}


    GET{CampaignName}&af_c_id={CampaignID}&af_adset={adset name}&af_adset_id={adset ID}&af_ad={ad name}&af_ad_id={ad ID}
    &af_ad_type={Ad type}&af_siteid={PublisherId}



    * Query parameters must be URL-encoded.

    Pass data on click URL headers

    To pass the fields on the click URL header, use this reference:

    GET{CampaignName}&af_c_id={CampaignID}&af_adset={adset name}&af_adset_id={adset ID}&af_ad={ad name}&af_ad_id={ad ID}&af_ad_type={Ad type}&af_siteid={PublisherId}

    accept-language: en-US,en;q=0.

    User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5_1 like Mac OS X)

    AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148


Advanced Privacy postback specification

To receive Advanced Privacy postbacks, you must set up an Advanced Privacy integration in addition to the regular postback integration. You can configure the Advanced Privacy postback yourself in the AppsFlyer dashboard.

Differences between the regular template and Advanced Privacy template

  • Postbacks are sent in hourly batches.
    • The batches include all event types.
    • The batches include both attribution and rejection postbacks.
    • 0.001% of postbacks may be sent in later batches, with possible delays of up to 24 hours.
  • Postback time does not correlate with actual event times.
  • Timestamp macros:
    • For installs and in-app events, timestamps are rounded down to the hour in which they occurred. For example, 22:55:30 is reported as 22:00:00.
    • Are reported using the UTC time zone. Example timestamp: (2020-07-20 20:00:00)
  • The following parameters are not available in Advanced Privacy postbacks: Click ID, Customer User ID, AppsFlyer ID, IDFA, IDFV, device model, OS version, and carrier.

Action required by the ad network to integrate:

  1. Set up your Advanced Privacy postback in the AppsFlyer dashboard. 
  2. Test Advanced Privacy integration.


  • In order to be able to distinguish between postbacks for legitimate events and rejected postbacks, you must configure the rejected postback macros.

  • To enable rejected installs/events postback, contact us using the partner assistant widget.

Advanced Privacy postback endpoint [complete as required]

Postback type

Advanced Privacy attribution macros available

Postback macro (name)

Remarks Base parameters for all postbacks Optional parameters for in-app events  Optional parameters for rejected attribution
af_ad Creative name Yes    
af_ad_id 34567 Yes    
af_ad_type Like: banner, footer, video Yes    
af_adset ADSET_1 Yes    
af_adset_id 56789 Yes    
app_id - Yes    
app_name - Yes    

Rounded down to the nearest hour. 

Format see note (1)

attributed_touch_type Such as: click, impression Yes    
blocked_reason Relates to validation rules/Protect360     Yes
blocked_reason_value Relates to validation rules/Protect360     Yes
blocked_sub_reason Relates to validation rules/Protect360     Yes
bundle_id As set by the advertiser Yes    
c Campaign name, like, US_20_30 Yes    
af_c_id Campaign ID, like, 12345 Yes    
af_channel Channel name Yes    
country_code ISO country code recorded on conversion Yes    

Rounded down to the nearest hour. 

Format see note (1)

event_name As reported by the app   Yes  
event_revenue Revenue amount in event currency   Yes  
Revenue currency code   Yes  
event_revenue_usd Revenue converted to USD   Yes  

Rounded down to the nearest hour. 

Format: see note (1)

is_first True if this is the first time this in-app event was triggered by a specific end-user   Yes  

Use to deduplicate

Boolean: 0, 1


Use to deduplicate 

Format: See note (2)


Format: See note (2)


Use to deduplicate 

Format: See note (2)

match_type Like: id_matching, probabilistic Yes    
event_id Name/ID of the corresponding event in the ad network platform   Yes  
platform Like: ios, Android Yes    
postback_id Unique postback ID Yes    
Such as: re-engagement, re-attribution Yes    
af_siteid abcdefgh12345678 Yes    
af_sub_siteid abcdefgh12345678 Yes    


(1) Timestamp formats available:

  • [Default] String: YYYY-MM-DD HH:MM:SS
  • Epoch time: 10-digit Unix timestamp 

(2) Boolean format available

  • [Default] Numeric: 0, 1 
  • String: false, true

Setting up your Advanced Privacy postback

Set up your AP postback using the Postback management option in the AppsFlyer dashboard.


  • You must have an active integration with AppsFlyer to manage your Advanced Privacy postback. Contact us using the partner assistant widget to create an integration.
  • AppsFlyerAdmin_us-en.png Postback management is performed by the account admin; team members do not have access.

To set up the postback:

  1. From the top bar, open the account menu (email address dropdown) > Postback management.
  2. Select the postback type: Advanced Privacy. 
  3. Activate the builder.


  4. Enter the endpoint address: The endpoint URL to which AppsFlyer sends postbacks. Enter the relevant URLs for installs and/or in-app events.
  5. Enter the parameters to be included in the postbacks:
    • Parameter name: AppsFlyer parameter screen name
    • Your receiving parameter: the respective receiving parameter on your side
    • Parameter value (available for some parameters): choose the value format. For example, for Boolean values, choose whether to receive them as "true"/"false", or 1/0.
    • Install: check the box to include the parameter in the install postback.
    • In-app event: check the box to include the parameter in the in-app event postback.


    Complete list of Advanced Privacy postback macros.

  6. [Optional] Add custom parameters that are not provided by AppsFlyer:


  7. Check the final postback template preview to make sure everything is correct.


  8. Click Save. Note that when you save the postback, the changes take effect immediately.

In the case of any issues, reach out to us using the partner assistant widget.

Additional information

AP for analytics partners

Postbacks are sent to analytics partners as follows:

  • AP off: User-level postback without restriction.
  • AP on: According to user source and ATT status as detailed in this table; 

Analytics partner postback type according to ATT status and user source

User source

ATT status Postback type to analytics partner

Publisher app

 Advertiser app







Not authorized



Any value

Not authorized


Organic or web




Organic or web


Not authorized


AP vs. SKAdNetwork

SKAdNetwork is an attribution technology provided by Apple for iOS devices. Advanced Privacy is part of the AppsFlyer Aggregated Advanced Privacy (AAP) framework and relates to attribution performed by AppsFlyer. AAP provides advertisers the ability to control the availability of user-level attribution data via the AppsFlyer platform. Typically ad networks support both AP and SKAdNewtork integration.