Pinterest API for Conversions

Pinterest server-side tracking via the API for Conversions. Better match rates. No Pinterest Tag.

Pinterest server-side tracking delivers conversion events to the Pinterest API for Conversions directly from your own cloud, instead of relying on the Pinterest Tag firing in the browser. Datafly Signal handles it automatically: captured epik click id, SHA-256 hashed match keys, and direct server-to-server delivery with zero Pinterest JavaScript on the page.

Request a DemoView Features

Pixel

Pinterest Tag in browser

The Pinterest Tag runs as third-party JavaScript on every page, competing with your content and exposed to blockers.

20-40%

Blocked by ad blockers

Desktop users with ad blockers never fire the Pinterest Tag. Those conversions are invisible to your campaigns.

7 days

ITP cookie limit

Safari caps client-side _epik cookies to 7 days, breaking attribution for returning visitors.

Zero

Pinterest JS with Signal

Datafly Signal delivers events server-to-server. No Pinterest Tag, no pixel, no browser overhead.

Problems with the Pinterest Tag

The Pinterest Tag shares the architectural limits of every client-side tracking pixel. These are not configuration problems, they are fundamental constraints of browser-based JavaScript.

Third-Party JavaScript On Every Page

The Pinterest Tag loads vendor JavaScript that competes with your content for bandwidth and main-thread time. On mobile connections this directly affects page load, Core Web Vitals, and conversion rates.

Ad Blockers Block It

20-40% of desktop users run ad blockers that block Pinterest tracking domains by default. These users never register a single event, leaving a permanent blind spot in your attribution data.

ITP-Limited Cookies

Safari Intelligent Tracking Prevention caps client-side JavaScript cookies at 7 days. A browser-set _epik expires weekly, breaking attribution windows and fragmenting the epik click id.

Consent Timing Issues

The Pinterest Tag can fire before a consent banner resolves, or after consent is revoked, with events already in flight. Server-side delivery gives you full control over which events are eligible to send and when.

How Signal delivers Pinterest events

Datafly Signal replaces the Pinterest Tag with server-to-server delivery via the Pinterest API for Conversions. Better identity matching, zero browser overhead.

Captured epik click id

When a user arrives from a Pinterest ad, the epik query parameter is captured on landing and stored as a 400-day server-set first-party cookie, mirroring Pinterest’s _epik. It ships as click_id on every later conversion.

Server-to-server delivery

Events are delivered directly to api.pinterest.com via the v5 events endpoint. A purpose-built delivery worker retries with exponential backoff on failure, so transient errors do not lose conversions.

SHA-256 hashed match keys

Email, phone, and external_id are normalised and SHA-256 hashed before transmission. Higher match rates without raw PII ever reaching Pinterest.

IP and user agent fallback

client_ip_address and client_user_agent are forwarded so Pinterest can match on the accepted minimum pair when click_id and hashed PII are not present.

ITP-exempt 400-day cookies

The epik click id and pseudonymous device cookie are set via Set-Cookie headers from your true first-party subdomain. Safari ITP does not restrict server-set cookies, so attribution survives the full buying cycle.

Zero Pinterest JavaScript

No Pinterest Tag, no pixel, no third-party scripts. The only JavaScript in the browser is your 5.2KB Datafly.js collector.

Match keys sent on every event

Datafly Signal sends the complete set of match keys the Pinterest API for Conversions accepts. More deterministic signals means higher match rates and better campaign optimisation.

click_id
Source: epik param / _epik
Format: 400 days
Description: Pinterest click identifier, captured from the epik URL parameter on landing and persisted in a server-set first-party cookie. The strongest single match signal for ad-driven conversions.
em
Source: traits.email
Format: SHA-256
Description: Email address, normalised (lowercased, trimmed) and SHA-256 hashed before transmission. Raw email never leaves your server.
ph
Source: traits.phone
Format: SHA-256
Description: Phone number, reduced to digits with country code and no leading zeros, then SHA-256 hashed before transmission.
external_id
Source: Your user ID
Format: SHA-256
Description: Your internal user identifier, SHA-256 hashed. Enables cross-device matching for logged-in users in Pinterest’s identity graph.
client_ip_address
Source: context.ip
Format: Per event
Description: Visitor IP address, forwarded with each event for fallback matching when click_id and hashed PII are unavailable.
client_user_agent
Source: context.userAgent
Format: Per event
Description: Visitor user agent string, paired with client_ip_address as one of Pinterest’s accepted minimum match-key combinations.

All PII is automatically SHA-256 hashed as required by Pinterest. Email, phone, and external_id are normalised and hashed before leaving your server. Raw PII never reaches the Pinterest API.

Pipeline as Code

Purpose-built Pinterest event transformation

This pipeline config transforms an order_completed track event into a Pinterest API for Conversions checkout event. Identity is enriched from the epik cookie, match keys are hashed automatically, and order data is mapped to Pinterest’s custom_data format.

  • event_name, action_source, and event_time set for the conversion
  • epik click_id captured from URL and _epik cookie
  • normalised_sha256 hashing for email, phone, and external_id
  • client_ip_address and client_user_agent forwarded for fallback matching
  • event_id emitted for deduplication against the Pinterest Tag
  • Output validation against the v5 events schema before delivery
pinterest-checkout.yamlYAML
# pinterest-checkout.yaml — Checkout event to Pinterest API for Conversions
name: pinterest_checkout
integration: pinterest-conversions-api
trigger:
  event: track
  conditions:
    - field: event
      operator: equals
      value: order_completed

transform:
  static:
    - target: event_name
      value: checkout
    - target: action_source
      value: web

  mapping:
    - source: timestamp
      target: event_time
      transform: unix_seconds
    - source: context.page.url
      target: event_source_url

  # Required for dedup against the Pinterest Tag
  dedup:
    - source: message_id
      target: event_id

  # User context — IP and UA fallback matching
  context:
    - source: context.ip
      target: user_data.client_ip_address
    - source: context.userAgent
      target: user_data.client_user_agent

  # Match keys — auto-hashed PII (normalised_sha256)
  user_data:
    - source: traits.email
      target: user_data.em
      transform: normalised_sha256
    - source: traits.phone
      target: user_data.ph
      transform: normalised_sha256

  enrichments:
    - type: click_id
      param: epik
      cookies: [_epik]
      target: user_data.click_id
    - type: identity
      source: user_id
      target: user_data.external_id
      transform: normalised_sha256

  # Custom data — order details
  custom_data:
    - source: properties.currency
      target: currency
      default: USD
    - source: properties.revenue
      target: value
    - source: properties.products
      target: content_ids
      transform: pluck
      field: product_id
    - source: properties.quantity
      target: num_items

output:
  format: pinterest_conversions_api
  endpoint: https://api.pinterest.com/v5/ad_accounts/{ad_account_id}/events
  auth: access_token
  validate: true

Supported Pinterest conversion events

The standard Pinterest API for Conversions event types are supported out of the box. Each event is delivered server-to-server with full match-key enrichment.

page_visit

When a user views any page on your site

view_category

When a user views a product category or listing page

search

When a user runs a search on your site

add_to_cart

When a user adds an item to their shopping cart

checkout

When a user completes a purchase transaction

signup

When a user creates an account

lead

When a user submits a lead or enquiry form

watch_video

When a user watches a tracked video

custom

Any custom conversion you define for your funnel

Frequently asked questions

What is Pinterest server-side tracking and how is it different from the Pinterest Tag?
Pinterest server-side tracking sends conversion events to Pinterest from your own server through the Pinterest API for Conversions, rather than from a JavaScript tag running in the visitor’s browser. The Pinterest Tag (the browser pixel) fires from the page and is exposed to ad blockers, Safari ITP cookie caps, and consent-banner timing gaps. The API for Conversions receives events server-to-server, so delivery does not depend on the browser executing third-party JavaScript. Datafly Signal generates and ships these events for you, with no Pinterest Tag on the page.
How does Datafly Signal capture the epik click id for Pinterest attribution?
When a user arrives from a Pinterest ad, the landing URL carries the epik query parameter. Datafly.js extracts it on landing and the gateway stores it in the same 400-day server-set first-party cookie pattern Pinterest writes as _epik. Conversions days or weeks later carry the original epik as click_id, so the conversion is matched to the specific ad click regardless of Safari ITP’s 7-day cap on browser-set cookies.
Which match keys does Signal send to the Pinterest API for Conversions?
Signal sends the strongest deterministic signals Pinterest accepts: click_id (epik), SHA-256 hashed email (em), SHA-256 hashed phone (ph), hashed external_id, plus client_ip_address and client_user_agent for fallback matching. Pinterest requires at least one of hashed email, a hashed mobile advertiser id, or the client_ip_address and client_user_agent pair; Signal sends the full set available on each event so Pinterest has the best chance to match.
How is PII hashed before it reaches Pinterest?
Email is lowercased and trimmed, phone is reduced to digits with country code and no leading zeros, and both are SHA-256 hashed before they leave your server. external_id is hashed the same way. Raw PII never reaches the Pinterest API. This is the normalised_sha256 transform applied automatically by the blueprint, not a per-customer customisation.
Can I deduplicate against an existing Pinterest Tag during migration?
Yes. Signal generates a deterministic event_id for every event and sends it with event_name to the API for Conversions. If the Pinterest Tag is still on the page during migration, both the browser event and the server event arrive with the same event_id and event_name, and Pinterest deduplicates them. You can run both in parallel for as long as you need before removing the tag.
Does this work without consent, and is it pseudonymous?
Identifiers are pseudonymous: the epik click_id and a first-party device cookie do not name a person on their own, and PII match keys are SHA-256 hashed. Advertising delivery to Pinterest should still respect the visitor’s consent choice. Because Signal runs in your own cloud on your own subdomain, you control exactly which events are eligible to ship and when, rather than relying on a third-party tag firing before a consent banner resolves.

Related

Meta Conversions API

Same server-side pattern for Meta CAPI with _fbp generation, fbclid capture, and EMQ optimisation.

TikTok Events API

Server-side TikTok delivery with self-generated _ttp, captured ttclid, and hashed PII.

PII Handling

How Signal normalises and SHA-256 hashes email, phone, and external_id before any vendor sees it.

Safari ITP Recovery

400-day first-party cookies for epik and device persistence across the full buying cycle.

Maximise Pinterest ROAS with server-side tracking

See how Datafly Signal delivers Pinterest API for Conversions events with full match-key enrichment, zero browser overhead, and ITP-exempt 400-day cookies. Better data, better optimisation.

Request a DemoView Platform