Identity & sign-out

Merge anonymous browser and app activity with trusted server events.

Last updated July 16, 2026

Call grometrics.identify(user.id) after signup or login. Grometrics links the application's user ID to its internal visitor, retroactively merges anonymous and server-side activity, and uses the canonical visitor everywhere: funnels, unique counts, revenue attribution, Visitors, journeys, devices, and Realtime.

Identity timeline

1Landing (anonymous) → Pricing (anonymous) → Signup2identify('user_123')3First project (server) → Purchase (server)45All steps now resolve to one canonical visitor and one funnel path.

The cookie stays internal

The site-specific `gm_cross_visitor_id_<websiteId>` cookie always contains an opaque Grometrics visitor ID. Your application user ID is stored as a site-scoped identity link and never becomes the Visitor primary key or cookie value.

Steps

1

Identify after authentication

Use the stable user ID from your application. The SDK waits for its visitor and session bootstrap internally, so an immediate call after page load is safe.

Browser

1await window.grometrics.identify(user.id);
2

Keep server events typed

Send application IDs in userId, not visitorId. visitorId and sessionId are reserved for opaque IDs generated by Grometrics.

3

Reset before another person signs in

On sign-out, rotate both the anonymous visitor and session before clearing the application session.

Browser

1window.grometrics.reset();2await app.signOut();

Next.js / React

1async function signOut() {2  window.grometrics?.reset();3  await auth.signOut();4  router.replace('/');5}

Options / Configuration

MethodWhat it changesWhat it preserves
identify(userId)Links and, when needed, merges into the canonical visitorHistorical events, attribution touches, groups, and payments
reset()Rotates the local visitor ID and session IDThe previous visitor's stored history
Server-side sign-outGenerate a fresh anonymous ID and replace the site-specific cookieNo Grometrics reset endpoint is required

One user per anonymous identity

Calling identify with a different user ID is rejected. Call reset first when a shared browser, demo device, QA environment, or household device changes users.

What happens next

For form-post and backend authentication flows, use the API-key-authenticated server identify endpoint. Server identify API

Troubleshooting

Identify reports a conflict

The current visitor is already bound to another application user. Call reset on sign-out, then identify the next user.

Browser and server steps still look separate

Confirm server events send the application ID as userId, and that identify uses the exact same value.

Was this page helpful?