Security News
The Changelog Podcast: Practical Steps to Stay Safe on npm
Learn the essential steps every developer should take to stay secure on npm and reduce exposure to supply chain attacks.
By Sarah Gooding - Oct 31, 2025
🚀 DAY 5 OF LAUNCH WEEK: Introducing Socket Firewall Enterprise.Learn more →
@adobe/magento-storefront-event-collector
Advanced tools
Adobe Commerce Events Collectors
Overview
This package listens for and handles events published by the Adobe Commerce Events SDK to the adobeDataLayeracdl. It runs as a side effect and is meant to be a convenience for users who want to send event data to Adobe Commerce.
Installation
The collector can be used as a hosted script, or bundled in a JavaScript application. The script version is hosted on jsdelivr, and the bundled version is hosted on npm.
To load the Collector as a script, use the following snippet.
<script src="https://cdn.jsdelivr.net/npm/@adobe/commerce-events-collectors/dist/index.js"></script>
To install the script as a dependency, run this command.
npm install @adobe/commerce-events-collectors
Quick start
After loading the collector script, or importing the package as shown below, there is nothing else that needs to be done.
import "@adobe/commerce-events-collectors";
Usage
The collector listens for the following events.
pageViewaddToCartproductPageViewshoppingCartViewinitiateCheckoutopenCartplaceOrderrecsItemAddToCartClickrecsItemClickrecsRequestSentrecsResponseReceivedrecsUnitRenderrecsUnitViewremoveFromCartsearchCategoryClicksearchProductClicksearchRequestSentsearchResponseReceivedsearchResultsViewcategoryResultsViewsearchSuggestionClickcreateAccounteditAccountsignInsignOutcustom
B2B events
createRequisitionListdeleteRequisitionListaddToRequisitionListremoveFromRequisitionList
The handlers forward events to two edges:
-
Adobe Commerce Data Services (maintained by Adobe Engineering and used to power merchant performance dashboards)
Required contexts:
StorefrontInstance
Events not forwarded to Adobe Commerce:
createAccounteditAccountopenCartremoveFromCartsignInsignOutcustom
B2B events:
createRequisitionListdeleteRequisitionListaddToRequisitionListremoveFromRequisitionList
-
Adobe Experience Platform (AEP) (requires a subscription and additional merchant setup; data can be used by merchants inside the Adobe Experience Platform for detailed analytics, targeted merchandising, real time customer data profiles, and more)
Required contexts:
AEPEventForwarding.aep: true
Events not forwarded to AEP Edge:
recsItemAddToCartClickrecsItemClickrecsRequestSentsearchResponseReceivedsearchCategoryClicksearchProductClicksearchResultsViewcategoryResultsViewsearchSuggestionClick
Turning off collection per edge
Events are sent to Adobe Commerce Data Services by default. To turn collection off collection, set EventForwarding.commerce: false.
Events are not set to AEP Edge unless explicitly configured (EventForwarding.aep: true);
Handling custom events
Custom events are supported for the Adobe Experience Platform only. Custom data will not be forwarded to Adobe Commerce dashboards and metrics trackers.
For any custom event, the collector:
- adds
identityMapwithECIDas a primary identity - includes
emailinidentityMapas a secondary identity ifpersonalEmail.addressis set in the event - wraps the full event inside an
xdmobject before forwarding to the Edge
Example:
Custom event published through MSE SDK:
mse.publish.custom({
commerce: {
saveForLaters: {
value: 1,
},
},
});
In AEP Edge:
{
xdm: {
identityMap: {
ECID: [
{
id: 'ecid1234',
primary: true
}
],
email: [
{
id: "runs@safari.ke",
primary: false
}
]
},
commerce: {
saveForLaters: {
value: 1
}
}
}
}
note Using custom events may affect OOTB Adobe Analytics reports.
Handling event overrides (custom attributes)
Attribute overrides for standard events are supported for the Experience Platform only. Custom data will not be forwarded to Commerce dashboards and metrics trackers.
For any event with a set customContext, the collector overrides joins fields set in the relevant contexts with fields in customContext. The use case for overrides is when a developer wants to reuse and extend contexts set by other parts of the page in already supporte events.
Note when overriding custom events, event forwarding to AEP should be turned off for that event type in order to avoid-double counting.
Example:
Product view with Adobe Commerce overrides published though MSE SDK:
Product context (set by another script on the page):
{
}
mse.publish.productPageView({
productListItems: [
{
productCategories: [
{
categoryID: "cat_15",
categoryName: "summer pants",
categoryPath: "pants/mens/summer",
},
],
},
],
});
In AEP Edge:
{
xdm: {
eventType: 'commerce.productViews',
identityMap: {
ECID: [
{
id: 'ecid1234',
primary: true,
}
]
},
commerce: {
productViews: {
value : 1,
}
},
productListItems: [{
SKU: "1234",
name: "leora summer pants",
productCategories: [{
categoryID: "cat_15",
categoryName: "summer pants",
categoryPath: "pants/mens/summer",
}],
}],
}
}
Note Overriding events with custom attributes may affect OOTB Adobe Analytics reports.
Shopper Consent and Data Collection Opt out
The "mg_dnt" cookie is used by Product Recommendations to restrict data collection.
when the cookie restriction mode is enabled, data services will set the "mg_dnt" cookie to true.
const listenForCookieEvents = ($) => {
const DNT_COOKIE = "mg_dnt";
let userAllowedSaveCookie = !!$.mage.cookies.get("user_allowed_save_cookie");
if (userAllowedSaveCookie) {
$.mage.cookies.clear(DNT_COOKIE);
} else {
$.mage.cookies.set(DNT_COOKIE, true);
}
};
By default, the user consent preference in AEP is set to "opt in", unless the cookie restriction mode is enabled and the "mg_dnt" cookie is present.
The script will keep polling to check for any changes and send the updated preference to AEP.
const doNotTrackCookie = document.cookie.indexOf("mg_dnt") !== -1;
alloy("setConsent", {
consent: [
{
standard: "Adobe",
version: "1.0",
value: {
general: doNotTrackCookie ? "out" : "in",
},
},
],
});
setInterval(setConsent, 1000);
PII Data Collection
The following events forward a user's email as PII data to AEP:
createAccount
editAccount
signIn
Support
If you have any questions or encounter any issues, please reach out at these locations.
FAQs
Event Collectors for Adobe Commerce storefronts
We found that @adobe/magento-storefront-event-collector demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 31 open source maintainers collaborating on the project.
Package last updated on 30 Oct 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Security Community Slams MIT-linked Report Claiming AI Powers 80% of Ransomware
Experts push back on new claims about AI-driven ransomware, warning that hype and sponsored research are distorting how the threat is understood.
By Sarah Gooding - Oct 30, 2025
Security News
Ruby Core Team Assumes Stewardship of RubyGems and Bundler, Former Maintainers Offer to Transfer All Rights to Matz
Ruby's creator Matz assumes control of RubyGems and Bundler repositories while former maintainers agree to step back and transfer all rights to end the dispute.
By Sarah Gooding - Oct 29, 2025