
WP Pixel S2S Integration Technical Documentation
Introduction
The WP Pixel S2S service enables direct transmission of e-commerce events from the Partner's systems to the Wirtualna Polska ecosystem in a Server-to-Server model. Communication is based on REST API with OAuth 2.0 authorization.
This solution is dedicated to clients who want to send events using their own infrastructure for additional data enrichment, transmitting events from various sources, or integration with existing market solutions.
To maintain advertising and analytical capabilities, the S2S integration must provide all functionalities available in the frontend integration and WP Pixel SDK (mobile application), including access to and storage of cookies, and transmission of all basic user identifiers.
Access and Configuration of Authentication Credentials
To perform the integration, the following access data from WP is required:
| Parameter | Description |
|---|---|
| Client ID | client identifier |
| Client Secret | authorization key |
These data are a standard OAuth 2.0 authentication mechanism in client_credentials mode. Each client identifier allows sending data for a specific set of identifiers in the WP Pixel system.
Important
Authentication data is your "login and password". Store and use it securely and do not share it with third parties. If you suspect a data leak, contact WP to request a new pair of client_id and client_secret.
Your data is not stored by WP in any form other than the minimum required to perform authorization. In case of losing the secret, there is no possibility to recover it on the WP side.
Authentication (OAuth 2.0)
The system uses the OAuth 2.0 standard. Every API request must be authorized with a valid access token (Bearer Token).
Obtaining an Access Token
To obtain a token, exchange your credentials (Client ID and Secret) for a session token.
Endpoint: POST https://pixel.wp.pl/s2s/v1/oauth/token
Purpose: Obtain an accessToken authorizing event transmission.
Token validity period: 1 hour (3600 seconds)
Required parameters (body):
| Parameter | Value / Description |
|---|---|
grant_type |
"client_credentials" |
scopes |
["s2s.events.push"] |
client_id |
Your identifier |
client_secret |
Your secret |
Sample Request:
POST https://pixel.wp.pl/s2s/v1/oauth/token
Content-Type: application/json
{
"client_id": "77b81adc-83ca-4e6a-a8ab-ebf25d4181e3",
"client_secret": "<redacted>",
"grant_type": "client_credentials",
"scopes": ["s2s.events.push"]
}
Sample Response:
Content-Type: application/json
{
"accessToken": "<redacted>",
"tokenType": "bearer",
"expiresIn": "3599s"
}
Request Authorization
The obtained token should be sent in the HTTP header of each request sending events and shared between requests:
Authorization: Bearer <YOUR_TOKEN>
Event Transmission — REST API
Available Methods
The service provides two endpoints for data transmission:
| Type | Endpoint |
|---|---|
| Single event | POST /v1/events |
| Batch transmission | POST /v1/events/batch |
Sample Request (single event):
POST https://pixel.wp.pl/s2s/v1/events
Authorization: Bearer <redacted>
Content-Type: application/json
{
"event": {
"pixel_id": "WP-ADS-123-456-789",
"event_type": "Purchase",
"user_id": "3065210629.1770720426993",
"session_id": "2045210728.1770720426993",
"url": "https://example.com/purchase/product1"
}
}
Sample Response:
Content-Type: application/json
{
"status": {
"success": true
}
}
Sample Request (batch):
POST https://pixel.wp.pl/s2s/v1/events/batch
Authorization: Bearer <redacted>
Content-Type: application/json
{
"events": [
{
"pixel_id": "WP-ADS-123-456-789",
"event_type": "AddToCart",
"user_id": "3065210629.1770720426993",
"session_id": "2045210728.1770720426993",
"url": "https://example.com/purchase/product1"
},
{
"pixel_id": "WP-ADS-123-456-789",
"event_type": "Purchase"
}
]
}
Sample Response (batch):
{
"results": [
{
"status": {
"code": 0,
"message": "OK",
"details": []
},
"result": {
"success": true
}
},
{
"status": {
"code": 0,
"message": "OK",
"details": []
},
"result": {
"success": true
}
}
]
}
The response for the batching endpoint contains the status for each event separately in the order of submission. In case of processing or transmission error for any event, the status field will contain the appropriate error code. The result field contains the response for a single event submission.
Data Structure and Event Parameters
Required Parameters
Each event must contain:
pixel_id(string, required) – e-commerce partner identifier. The S2S client can only send events forpixel_idit has permissions for (submitted during the integration process or added later)event_type(string, required) – event type
Supported Event Types
| Event Type | Description |
|---|---|
ViewContent |
page view (page type is determined by the content_name parameter) |
AddToCart |
adding product(s) to cart |
RemoveFromCart |
removing product(s) from cart |
ViewCart |
viewing cart contents |
StartOrder |
starting the checkout process |
Conversion |
completing a transaction, e.g., filling out a contact form or signing up for a test drive (lead) |
Purchase |
completing a purchase of product(s) |
Important
Events without correctly filled pixel_id and event_type parameters will not be accepted.
Content Name
ViewContent events describe the display of any type of content. The content_name parameter is required
to specify the type of this content.
It is used to differentiate, for example, a product listing event (ProductList) from a product page (ViewProduct).
content_name parameter value |
Description |
|---|---|
ProductList |
product list page view |
ViewProduct |
specific product page view |
Login |
login form |
Register |
registration form |
PriceList |
pricing page |
View |
page view without a dedicated event type |
For the purpose of comprehensive data measurement, it is recommended that every page view is associated with sending an event.
If there is no dedicated event type, a ViewContent event should be sent with the content_name parameter set to View.
User Identification Parameters
The following parameters are critical from the perspective of data quality and marketing effectiveness (retargeting, analytics).
| Parameter | Type | Required | Purpose | Description |
|---|---|---|---|---|
email_hash |
string | recommended | advertising | hashed user email address (SHA-256) |
user_id |
string | required | system operation | unique, generated user identifier in simple form |
session_id |
string | required | system operation | session identifier |
statid |
string | required | advertising | device identifier, method for obtaining statid described below |
longterm_id |
string | recommended | advertising | user identifier in the client's CRM system |
gaid |
string | required (for mobile app traffic) | advertising | Google Advertising ID, Android device identifier |
idfa |
string | required (for mobile app traffic) | advertising | Apple Identifier for Advertisers, Apple device identifier |
idfv |
string | required (for mobile app traffic) | advertising | Apple Identifier for Vendors, Apple device identifier |
provider_user_id |
string | recommended | system operation | user identifier in the intermediary system for event transmission |
ceeid |
string | required | advertising | allows for the identification of users across different publishing platforms |
We recommend sending as many available user identifiers as possible to ensure the highest quality of our retargeting models and maintain high campaign performance.
Identifiers Generated by WP
User ID and Session ID
These parameters are simple user identifiers, automatically generated on the integration side when sending an event. The format for both parameters is a string of 10 digits and a UNIX timestamp in milliseconds, separated by a dot.
Example of a valid value: 5065210629.1770720426993
Implementation Guidelines:
user_id– should be assigned to a specific user/device in the best available way and cached on the integration side. If the parameter is unavailable, it should be generated according to the described structure. Recommended caching period: 30 days from last use.session_id– user session identifier for interaction with the service. It should be generated according to the described data structure and attached to all events resulting from the given session. Recommended caching period: 15 minutes from last use.
These parameters are required for correct event processing.
Stat ID
User device identifier. Generated via a GET request to the /s2s/v1/device endpoint. It should be generated once for a specific device being the source of the event and cached on the integration side. Recommended caching period: 3 years from last use.
Generating statid
Endpoint: GET https://pixel.wp.pl/s2s/v1/device
Purpose: Obtain statid – the user device identifier.
Sample Request:
GET https://pixel.wp.pl/s2s/v1/device
Sample Response:
< HTTP/1.1 200 OK
< Content-Type: application/json
< Set-Cookie: statid=570edca00ac5f4f34741a17c5c9ba3e6:3f6f46:1772559563:v3; Path=/; Domain=wp.pl; Expires=Fri, 02 Mar 2029 17:39:23 GMT; Secure; SameSite=None
< Vary: Origin
< Date: Tue, 03 Mar 2026 17:39:23 GMT
< Content-Length: 66
<
{"statid":"570edca00ac5f4f34741a17c5c9ba3e6:3f6f46:1772559563:v3"}
The newly generated statid is found in the response body under the statid field. For the above example, the value is: 570edca00ac5f4f34741a17c5c9ba3e6:3f6f46:1772559563:v3.
Note
This endpoint uses browser CORS mechanisms. When making a request directly from the user's browser, it will be blocked if the origin address is not on the list of trusted partners. If your integration makes requests directly from the user's browser — contact us to obtain access.
WP Identifier Migration
In the case where the implemented S2S integration replaces the original WP JS Pixel that was previously running on the target portal, a migration of WP identifiers should be performed to ensure data continuity and maintain high quality product recommendations in the campaign.
The WP JS Pixel independently generated UserID, SessionID, and statid identifiers and stored them as cookies or local storage entries in the browser for reuse.
The simple user identifier is stored in the browser's local storage under the keys __wph_a.key (first part) and __wph_a.ts (second part).
For example, for the values:
| key | value |
|---|---|
__wph_a.key |
9932649645 |
__wph_a.ts |
1762944814357 |
The user identifier is: 9932649645.1762944814357.
Migration of the above parameters is required for users sending events as part of browser-based integrations. For events from unknown users in non-browser environments (e.g., mobile applications), if we do not know the user identifiers, they should be generated according to the instructions in sections User ID and Session ID and Stat ID.
Email Hash
Hashed user email address using the SHA-256 algorithm. An example of correct address normalization and hashing can be found in the WP JS Pixel documentation.
This parameter is recommended to be sent in the email_hash field if available.
Longterm ID
User identifier in the client's CRM system. This parameter is recommended to be sent in the longterm_id field if available.
Mobile Device Identifiers
For events from mobile devices, include identifiers for those devices. These identifiers help identify users on mobile devices and are often used to track user behavior in mobile applications.
GAID
Google Advertising ID - advertising identifier used in mobile applications on Android devices. This parameter is recommended to be sent in the gaid field if available.
IDFA
Apple Identifier for Advertisers - advertising identifier used in mobile applications on iOS devices. This parameter is recommended to be sent in the idfa field if available.
IDFV
Apple Identifier for Vendors - advertising identifier on iOS devices for applications from the same distributor. This parameter is recommended to be sent in the idfv field if available.
Provider User ID
User identifier in the partner's intermediary system for event transmission. This identifier should be provided to ensure correct operation of our system if the system sending events is between its source (e.g., e-commerce store) and the WP Pixel system. This parameter should be sent in the provider_user_id field.
CEEid
CEEId is a universal user identification standard developed within the systems of Wirtualna Polska.
More information about this identifier and how to generate it is available in the official documentation: https://ceeid.eu/.
Data Processing Consent (GDPR)
Under applicable Polish law (GDPR), user data should be processed in accordance with their express consent. Users grant this consent on the so-called GDPR consent board in the TCF (Transparency and Consent Framework) format.
The fact of consent should be indicated in the sent event using the tracking_consent parameter with the value 1.
Basic Event Parameters
The following table contains a set of basic, most common event parameters that most frequently appear in e-commerce integrations.
| Parameter | Type | Description |
|---|---|---|
value |
float | net value representing the full amount the event relates to. E.g., purchase of two products at 100 PLN net each = 200 |
value_gross |
float | gross value of the above |
shipping_cost |
float | product shipping cost |
discount_value |
float | full promotional discount value for the given event |
currency |
string | three-letter ISO 4217 currency code (e.g., PLN, EUR, USD) |
transaction_id |
string | transaction identifier in the client's system (e.g., purchase ID) |
url |
string | complete URL of the page from which the event originates |
referer |
string | referrer URL from which the user arrived at the page |
timestamp |
string | event timestamp in RFC 3339 format |
Note
Due to the strong dependency of our environment on URL values, please ensure that the url parameter is always filled. For events from mobile applications:
- if the event comes from a deep-linked session to the application (opening the app from a link), please enter that link in the
urlparameter, - if the event comes from an organic session, please format the URL according to the pattern:
<pixel_id>.s2s.wp.pl.
Event Items (contents)
Most events should contain a contents parameter with all items that are the subject of the given event. The following table describes the basic, most popular parameters for a single product.
| Parameter | Type | Description |
|---|---|---|
id |
string | unique product identifier in the client's system (ID or group ID) |
name |
string | product name |
ean |
string | product EAN (European Article Number) code |
quantity |
int64 | number of product units |
price |
float64 | unit price of a single product |
category |
string | product category or category path, e.g., "Clothing/Men/Shirts" |
brand |
string | product brand or manufacturer |
model |
string | product model name or number |
seller_id |
string | product seller identifier (crucial for marketplace platforms) |
discount |
float64 | discount amount from original price |
condition |
string | product condition, e.g., "new", "used", "refurbished" |
User Metadata
Additional parameters identifying the user's device.
| Parameter | Type | Description |
|---|---|---|
source_ip |
string | IP address of the user's device |
user_agent |
string | browser User-Agent of the user |
Mobile Application Details
Additional information about the mobile application from which the event was sent.
| Parameter | Type | Description |
|---|---|---|
build |
string | Application build number |
version |
string | Application version, e.g. 1.2.3 |
name |
string | Application name, e.g. MyApp |
package |
string | Application package identifier, e.g. com.example.myapp |
platform |
enum | Mobile platform: 1 for iOS, 2 for Android |
These parameters should be placed in the app structure of the source event.
Geolocation Parameters
Geolocation is an important parameter for many events. This allows us to tailor ads and offers to the user's location.
In the event structure, geolocation parameters should be included in the geo structure. The following table describes the geolocation parameters supported by our system.
| Parameter | Type | Description |
|---|---|---|
latitude |
float | latitude |
longitude |
float | longitude |
accuracy |
float | position accuracy in meters |
speed |
float | device speed in meters per second |
altitude |
float | altitude above sea level in meters |
altitude_accuracy |
float | altitude measurement accuracy in meters |
Additional Event Parameters
The following table describes optional, less common event parameters available in the API. We encourage sending them if they are easily available in your system.
| Parameter | Type | Description |
|---|---|---|
host |
string | event page host (URL address) |
timezone |
string | IANA timezone of the event, e.g., Europe/Warsaw |
os |
string | user device operating system |
search_string |
string | phrase entered by the user in the search engine |
category |
string | leading category of the page section displayed to the user |
Real-World Usage Example
The following section describes an example of a complete event submission with an optimal payload.
Authorization
For authentication credentials:
| Parameter | Value |
|---|---|
client_id |
abc |
client_secret |
123 |
Important
The above data is only sample values that do not work in our system. The client should use their own authentication credentials.
Send a token request:
curl --location 'https://pixel.wp.pl/s2s/v1/oauth/token' \
--header 'Content-Type: application/json' \
--data '{
"client_id": "abc",
"client_secret": "123",
"grant_type": "client_credentials",
"scopes": [
"s2s.events.push"
]
}'
Sample response:
{
"accessToken": "12345678",
"tokenType": "bearer",
"expiresIn": "3599s"
}
The received accessToken should be retrieved and used to send the event by including it in the Authorization header.
Event Submission
Send a standard Purchase event for a product purchase with the most commonly used data in a real-world use case.
Send a POST request to https://pixel.wp.pl/s2s/v1/events.
curl --location 'https://pixel.wp.pl/s2s/v1/events' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer 12345678' \
--data '{
"event": {
"timestamp": "2026-02-11T10:45:09Z",
"pixel_id": "WP-ADS-123-456-789",
"event_type": "Purchase",
"url": "https://example.com/offer/17371061217",
"user_id": "5065210629.1770720426993",
"session_id": "1265710324.1770720426993",
"longterm_id": "245563",
"host": "example.com",
"referer": "https://wp.pl",
"value_gross": 439.99,
"value": 357.72,
"currency": "pln",
"transaction_id": "1010230213",
"email_hash": "A591A6D40BF420404A011733C8A1E36E1B8B3EDJNEF9FF98789EWFEFE7F8FE",
"tracking_consent": 1,
"statid": "aaea2b986bcc556e566535c84d0662c1:7b5714:1770898423:v3",
"provider_user_id": "44808975-e761-4787-8df1-b02a9a6df5a7",
"origin_meta": {
"source_ip": "192.168.1.1",
"user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36"
},
"app": {
"build": "1130202",
"version": "1.13.2",
"name": "MyApp",
"package": "com.example.myapp",
"platform": 1
},
"geo": {
"latitude": 53.197744,
"longitude": 18.373484,
"altitude": 10,
"accuracy": 10,
"altitude_accuracy": 11,
"speed": 12
},
"contents": [
{
"id": "6123576",
"name": "blouse",
"ean": "6123563",
"brand": "4F",
"model": "cordura",
"seller_id": "eaer2",
"quantity": 2,
"product_type": "blouse",
"price": 120.00
},
{
"id": "4234576",
"name": "kozaki",
"ean": "1233563",
"brand": "Nike",
"model": "234235",
"seller_id": "eaer2",
"quantity": 1,
"product_type": "shoes",
"price": 199.99
}
]
}
}'
The above request sent an event for the purchase of two products for partner WP-ADS-123-456-789, with the structure:
{
"event": {
"timestamp": "2026-02-11T10:45:09Z",
"pixel_id": "WP-ADS-123-456-789",
"event_type": "Purchase",
"url": "https://example.com/offer/17371061217",
"user_id": "5065210629.1770720426993",
"session_id": "1265710324.1770720426993",
"longterm_id": "245563",
"host": "example.com",
"referer": "https://wp.pl",
"value_gross": 439.99,
"value": 357.72,
"currency": "pln",
"transaction_id": "1010230213",
"email_hash": "A591A6D40BF420404A011733C8A1E36E1B8B3A1EFNFJRGFRE97654UIWEFEWFEWF87",
"tracking_consent": 1,
"statid": "aaea2b986bcc556e566535c84d0662c1:7b5714:1770898423:v3",
"provider_user_id": "44808975-e761-4787-8df1-b02a9a6df5a7",
"origin_meta": {
"source_ip": "192.168.1.1",
"user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36"
},
"app": {
"build": "1130202",
"version": "1.13.2",
"name": "MyApp",
"package": "com.example.myapp",
"platform": 1
},
"geo": {
"latitude": 53.197744,
"longitude": 18.373484,
"altitude": 10,
"accuracy": 10,
"altitude_accuracy": 11,
"speed": 12
},
"contents": [
{
"id": "6123576",
"name": "blouse",
"ean": "6123563",
"brand": "4F",
"model": "cordura",
"seller_id": "eaer2",
"quantity": 2,
"product_type": "blouse",
"price": 120.0
},
{
"id": "4234576",
"name": "kozaki",
"ean": "1233563",
"brand": "Nike",
"model": "234235",
"seller_id": "eaer2",
"quantity": 1,
"product_type": "shoes",
"price": 199.99
}
]
}
}
Sample response:
HTTP/2 200
Server: nginx
Date: Wed, 11 Feb 2026 12:05:00 GMT
Content-Type: application/json
Content-Length: 27
{"status":{"success":true}}
Response
The success variable with the value true and the HTTP 200 OK response indicate successful event submission.