Identify API
Merge a Grometrics browser visitor with an application user from your backend.
Last updated June 3, 2026
Use POST /api/v1/identify when signup or login is handled by a form POST, server action, or backend endpoint. Read the first-party Grometrics visitor cookie from the incoming customer request, then forward that opaque visitor ID with your application user ID.
Workspace-scoped authentication
Send a workspace API key as a Bearer token and include `websiteId`. Grometrics verifies that the site or tracked app belongs to that workspace before accepting the request.
Replace YOUR_SITE_ID with your site ID from Settings > Tracking.
POST /api/v1/identify
1curl https://usegrometrics.com/api/v1/identify \2-H "Authorization: Bearer YOUR_API_KEY" \3-H "Content-Type: application/json" \4-d '{5"websiteId": "YOUR_SITE_ID",6"visitorId": "OPAQUE_GROMETRICS_VISITOR_ID",7"userId": "user_123"8}'
Options / Configuration
| Field | Meaning | Required |
|---|---|---|
| websiteId | The Grometrics site or tracked app ID owned by the API-key workspace | ✓ |
| visitorId | Opaque Grometrics ID read from the site-specific cookie | ✓ |
| userId | Stable application user ID; never used as Visitor.id | ✓ |
200 response
1{2"visitorId": "CANONICAL_GROMETRICS_VISITOR_ID",3"previousVisitorId": "OPAQUE_GROMETRICS_VISITOR_ID",4"mergedSources": ["OPAQUE_GROMETRICS_VISITOR_ID"],5"mergeCount": 16}
Python / Flask
1key = f'gm_cross_visitor_id_{WEBSITE_ID}'2visitor_id = request.cookies.get(key) or request.cookies.get(f'gm_visitor_id_{WEBSITE_ID}')3requests.post(GROMETRICS_URL, headers={'Authorization': f'Bearer {API_KEY}'}, json={'websiteId': WEBSITE_ID, 'visitorId': visitor_id, 'userId': user.id})
Browser and mobile SDKs use the deliberately public /api/track/identify endpoint with recent-session validation and rate limits. Backend integrations use this authenticated route. Both call the same merge service and produce the same canonical visitor.
Server-side sign-out reset
There is no reset endpoint. Generate a fresh unique anonymous ID and replace gm_cross_visitor_id_<websiteId> in the sign-out response. The trusted events API creates internal Grometrics sessions itself.
Was this page helpful?