Skip to content
ProductAgenciesEnterpriseCompliancePricingTrustBlog
Back to Documentation

COKIQ docs

Google CMP Partner Readiness

Understand what COKIQ has ready for Google CMP review and what still needs IAB TCF, TC String, and certification work.

Best for

Product, compliance, and engineering teams preparing COKIQ for Google CMP certification.

What the report shows

These are the product-side evidence areas COKIQ can surface when the site has the required scan, banner, consent log, and blocker data.

Ready today

Consent Mode v2 defaults and updates, consent logs, export paths, GPC handling, and regional profile evidence are implemented.

Foundation started

COKIQ has TCF config fields, official TCF core dependency, GVL fetch support, runtime diagnostics, GVL-powered vendor selection, live disclosure UI, guarded TC String encoding, guarded __tcfapi bridge logic, review-readiness evidence, purpose/vendor evidence, and export fields.

Main blocker

Google CMP approval still requires certified CMP identity and reviewer-tested IAB TCF behavior for EEA, UK, and Switzerland publisher ad use cases.

Current version target

As of June 2026, newly generated TC strings should be planned against TCF v2.3, not only the older v2.2 requirement.

Setup steps

Step 1

Verify live Consent Mode

Confirm default denied states and post-choice updates for ad_storage, analytics_storage, ad_user_data, and ad_personalization.

Step 2

Register the certification path

Confirm Google CMP intake, IAB CMP identity, CMP ID, and any required developer/program IDs before wiring production TCF.

Step 3

Validate GVL foundation

Use /api/tcf/gvl to confirm the Global Vendor List can be fetched and versioned before building full vendor controls.

Step 4

Configure selection evidence

Use the GVL-powered banner editor to store purpose maps, special feature IDs, selected vendors, production mode, CMP ID, CMP version, and publisher country.

Step 5

Review live disclosure

Open the banner customization panel and verify selected purposes/vendors are disclosed from the current GVL before consent is saved.

Step 6

Validate guarded TC strings

Use /api/tcf/encode and consent exports to confirm TC strings are generated only from real visitor choices, current GVL metadata, and configured CMP credentials.

Step 7

Validate TCF API implementation

Test top-frame __tcfapi ping, addEventListener, removeEventListener, getTCData, storage disclosures, and vendor evidence.

Step 8

Run review-readiness evidence

Use /api/tcf/review-readiness?siteKey=... to confirm the site is not blocked before collecting browser screenshots, console traces, and exports.

Step 9

Run regional tests

Test EEA, UK, and Switzerland banner behavior with accepted, rejected, custom, and GPC scenarios.

Step 10

Submit only with evidence

Prepare screenshots, network traces, console checks, consent logs, TC string examples, and reviewer notes before application.

Implementation checklist

  • Consent Mode v2 defaults are visible before Google tags
  • Consent logs and exports include timestamp, region, profile, choices, and policy version
  • GVL endpoint returns current vendor and purpose metadata
  • Banner editor can search and select vendors from the current GVL
  • Live banner Customize panel discloses configured purposes and vendors
  • Consent logs include configured and consented TCF purpose/vendor IDs plus TC String fields when encoding is available
  • TCF v2.3 TC strings are generated only from real visitor choices
  • /api/tcf/review-readiness returns ready for the review site
  • __tcfapi addEventListener and getTCData behavior passes vendor tests
  • EEA, UK, and Switzerland reviewer paths are documented
  • Google CMP certification and IAB CMP IDs are documented

Important boundaries

  • COKIQ must not claim Google CMP certification until Google approval is received.
  • COKIQ must not generate placeholder TC strings or fake __tcfapi responses.
  • Consent Mode compatibility is useful but is not a substitute for IAB TCF certification.

FAQ

Is COKIQ ready to apply as a Google CMP partner today?

Not as a ready certification submission. Consent Mode, logs, GPC, geo evidence, GVL disclosure, guarded TC String encoding, guarded __tcfapi bridge logic, and review-readiness evidence are in place, but external certification IDs and reviewer evidence are still required.

Can we submit early for feedback?

Yes, but it should be framed as early review. A ready application should wait until TCF and certification identity work is complete.