I am creating a Web Widget, a page that customers can use within an HTML Iframe in order to embed our experience on 3rd parties and vendors.
The site will be public, I am not willing to ask consumers to register in order to have a key or a unique identity to be passed as a query param for example (e.g. ?id=<unique_id>).
On the other hand, I need to track who is using the iframe. What are my options? A colleague suggested using the request headers, such as the origin, to track the usage on the server-side. Is that a good strategy? I'm not sure how much I can trust the origin header.
What if I fire an event (hence a client to server call), at page load (such as analytics) which logs the current page URL? Would that work, from within an iframe?
I am pretty sure I am reinventing the wheel here. What would be some good recommendations?
Thanks!
For others ideating for a similar solution, my fix was actually to simply hook a proper client analytics to the page, and trigger a page load event, upon page load, which would push not just the page, but quite a few other properties to our analytics.
Also, we added a clientId query param to our urls, so that we could identify precisely who was serving the iframe visited by the user.