Server events

For SaaS apps where the success event happens after a server-side confirmation (payment captured, signup verified, booking confirmed), use the server-event endpoint instead of the browser SDK. Ad blockers can't touch your backend traffic.

Get an API key

In the dashboard, open the "Send events from your backend" quest. Click Create key, give it a name (e.g. "Production server"), and copy the token. It's shown once — store it in your secrets manager.

The token looks like:

dl_live_<key_id>_<secret>

Cap of 10 active keys per site. Revoke and rotate any time.

The endpoint

POST /event
Authorization: Bearer dl_live_<key_id>_<secret>
Content-Type: application/json

{
  "event_name": "success",
  "name": "paid-customer",
  "page_path": "/checkout/success",
  "success_value": 9.99,
  "success_user_id": "user_42",
  "properties": {
    "plan": "starter"
  }
}

Returns 204 No Content on success. Returns 401 if the token is invalid or revoked.

Required fields

Rate limits

500 requests per 10 seconds per key, sliding window. 429 with Retry-After if you exceed. Bump the limit if you need more — email us.

Code samples

The dashboard generates ready-to-paste snippets for 12 runtimes: curl, Node fetch, Python requests, Ruby Net::HTTP, PHP cURL, Go net/http, Java HttpClient, C# HttpClient, Rust reqwest, Elixir Req, Next.js Server Action, and more. They're pre-filled with your actual API key when you create one.

PII safety

Same as the browser SDK — property keys matching email, phone, password, ssn are stripped server-side. Don't worry about accidentally including them.

What's next

• Frontend events? See the SDK reference.
• Want ad blockers to literally not see us? Set up the first-party proxy.