TagDrishti Docs

Quickstart

TagDrishti is up and running in just three steps:

1. Sign up at accounts.tagdrishti.com — creates your account, signs the DPA, and gives you your API key.
2. Add the snippet to your GTM container as a Custom HTML tag on All Pages.
3. Publish GTM — within 30 seconds your first events appear in the dashboard.

GTM Installation

In GTM, go to Tags → New → Custom HTML. Paste this snippet — replacing the two values with your actual tenant ID and API key from Dashboard → Settings → API & Script:

<!-- TagDrishti Monitor — paste into GTM Custom HTML tag -->
<script>
window.GTM_MONITOR_CONFIG = {
  tenantId:    "td-your-tenant-id",
  apiKey:      "td_live_xxxxxxxxxxxx",
  apiEndpoint: "https://gtm-monitor-api-461734534175.asia-south1.run.app"
};
</script>
<script src="https://gtm-monitor-api-461734534175.asia-south1.run.app/tagdrishti.js?workspace=YOUR_WORKSPACE_ID" async></script>

Set the trigger to All Pages. Name the tag TagDrishti Monitor. Click Save → Submit → Publish.

Your First Event

After publishing GTM, open your website in a browser. Within 30 seconds you should see events in your TagDrishti dashboard. To verify:

1. Open your site in Chrome
2. Open DevTools → Network tab → filter by gtm-event
3. You should see a POST request to /api/gtm-event with status 200
4. Go to Dashboard → Overview — your domain should appear in the Domain Health section

Script Config Options

All config is set via window.GTM_MONITOR_CONFIG before the script loads:

window.GTM_MONITOR_CONFIG = {
  tenantId:      "td-your-id",         // Required
  workspaceId:   "ws-your-ws-id",      // Optional — defaults to 'default'
  apiKey:        "td_live_xxxxx",      // Required
  apiEndpoint:   "https://gtm-monitor-api-461734534175.asia-south1.run.app", // Required — from Settings page
  sampleRate:    1.0,                 // 0.0–1.0 — % of events to collect (default: 1.0)
  childrenMode:  false,               // DPDP 2023 children protection (default: false)
  environment:   "production"         // 'production' | 'staging' | 'development'
};

Workspaces & Domains

Each workspace in TagDrishti corresponds to one monitored domain. When you add a workspace, you get a unique API key for that domain. This keeps your client data separated — Domain A can never see Domain B's data.

To add a workspace: Dashboard → Domains → Add Domain. Enter the domain name and GTM container ID. You'll receive a workspace-specific snippet to install.

API Keys

API keys are in the format td_live_xxxxxxxxxxxx. Each key is:

• Scoped to a single workspace
• Hashed with bcrypt before storage — we cannot recover a lost key
• Rotatable at any time from Dashboard → Settings → API & Script

Overview Tab

The Overview tab shows your 24-hour summary across all domains: total tag fires, failure rate, average latency, active alerts, and a dual-line chart showing fires vs failures over time.

The Domain Health section shows a success rate sparkline for each domain. Click any domain to jump to the filtered Tag Health view.

Tag Health

The Tag Health tab shows every tag fired across all monitored domains in the selected time range. Columns:

• Tag Name: The GTM tag name as configured in your container
• Type: Tag type (html, ua, ga4, adwords, etc.)
• Status: success / warning / failure
• Fires: Total fire count in the period
• Fail Rate: % of fires that resulted in failure
• Avg ms: P75 execution time in milliseconds
• Severity: critical / high / medium / low — based on tag type

Use the status filter to see only failing tags. Export to CSV for client reporting.

Security & Magecart Detection

The Security tab monitors for threats on your pages:

• Unknown domain: A script loaded from a domain not in your approved list
• SRI missing: A script loaded without a Subresource Integrity hash (PCI DSS 6.4.3)
• CSP violation: A script blocked by Content-Security-Policy
• Flood guard: Unusually high event volume from a single source

For PCI DSS compliance, add your approved script domains to the allowlist in Dashboard → Settings → Data & Privacy → Approved Script Domains.

Consent Compliance

The Consent tab shows real-time consent rates for each consent signal detected via Google Consent Mode v2:

• analytics_storage, ad_storage, functionality_storage, personalization_storage
• GPC (Global Privacy Control) signal rate
• Tags blocked by consent (tags that did not fire due to denied consent)
• EU session percentage (geo-detected)

Core Web Vitals

The Web Vitals tab shows P75 measurements for LCP, CLS, INP, FCP, and TTFB per domain. Thresholds match Google's definitions (Good / Needs Improvement / Poor). The LCP trend chart shows 7-day performance over time.

Alerts

Alerts are triggered when anomaly conditions are met. Configure thresholds in Dashboard → Settings → Notifications:

• Tag failure rate threshold: Alert when a tag's fail rate exceeds X% (default: 10%)
• Security event: Alert on any unknown domain, SRI missing, or CSP violation
• Web Vitals degradation: Alert when LCP or INP moves from Good to Needs Improvement

Alerts are delivered via email (all plans) and Slack webhook (Agency and Enterprise).

BigQuery Export

All events are streamed in real-time to Google BigQuery. To connect your own BigQuery dataset:

1. Go to Dashboard → BigQuery — copy your dataset connection details
2. In GCP Console, grant roles/bigquery.dataViewer to the TagDrishti service account
3. Run the schema SQL from Dashboard → BigQuery → View Schema
4. Events will appear in tag_events, security_events, consent_snapshots, web_vitals_rollups, and anomaly_alerts tables

Slack Alerts

To receive alerts in Slack:

1. In Slack, go to your workspace → Apps → Incoming Webhooks → Add New Webhook
2. Select the channel → copy the webhook URL
3. In TagDrishti Dashboard → Settings → Notifications → paste the URL
4. Click Test Slack to verify — you should see a test message in your Slack channel

API Reference

All API endpoints require Authorization: Bearer {clerk_jwt} header. Base URL: https://gtm-monitor-api-461734534175.asia-south1.run.app

For the complete API reference including response shapes and BigQuery query examples, see the API Connection Guide.

GDPR Setup

TagDrishti is GDPR-compliant by default for EU users. The script automatically detects EU visitors via Cloudflare geo-IP and applies session pseudonymisation. No additional configuration is required.

For DSAR (Data Subject Access Requests): Dashboard → Settings → Data & Privacy → Export Data. Enter the pseudonymous session hash to generate a GDPR-compliant data export.

DPDP 2023 (India)

For Indian user compliance under the Digital Personal Data Protection Act 2023:

• Session pseudonymisation is applied automatically for IN-geolocated users
• To enable children mode (DPDP Section 9): set childrenMode: true in your script config — this blocks all non-essential tag monitoring for that session
• Consent tracking covers Indian users separately in the Consent dashboard

PCI DSS Setup

To use TagDrishti for PCI DSS 6.4.3 and 11.6.1 compliance:

1. Install TagDrishti on all pages that are in PCI scope (checkout, payment confirmation pages)
2. Dashboard → Settings → Data & Privacy → Approved Script Domains — add all legitimate script domains for your payment pages
3. Any script domain not on this list will trigger a critical security alert immediately
4. Review the Security tab weekly — PCI DSS 11.6.1 requires regular monitoring of payment page script inventory
5. Export security event logs monthly for your PCI audit trail