What it means
A Postback is a server-to-server (S2S) call that notifies the tracking platform of a conversion using a stored click ID rather than a browser cookie. Because it doesn't depend on cookies or pixels, postback tracking is more resilient to ad blockers and privacy restrictions, and is standard in CPA networks.
A postback, also called server-to-server or S2S tracking, records a conversion by sending an HTTP request directly from the advertiser's server to the tracking platform when a sale completes. Rather than relying on a pixel in the buyer's browser, the advertiser stores a unique click identifier at click time and passes it back on conversion, so the match happens entirely between servers. No cookie or browser script is needed to close the loop.
The flow works in two stages: on the click, the network appends a click ID to the destination URL and the advertiser captures it; on the conversion, the advertiser fires a call to the network's postback URL with that same click ID and often the sale amount. The network looks up the stored click, confirms the ID matches, and books the conversion. Because everything hinges on the click ID surviving the round trip, correct parameter passing is critical.
Postbacks are the backbone of modern performance tracking precisely because they sidestep cookie deletion, ad blockers, and browser privacy limits that break pixel-based methods. They are standard in CPA, app install, and lead-generation channels where accuracy and fraud resistance matter, and they allow the advertiser to fire conversions only after validating an order, filtering out cancellations and fraud. Affiliates gain more reliable tracking that is not silently eroded by the browser.
The main drawbacks are setup complexity and trust: the advertiser must implement server-side firing correctly and honestly, since the affiliate cannot independently see the browser event. Misconfigured click ID passing, duplicate firing, or delayed postbacks are common failure modes, and debugging requires access to server logs on both sides. Despite this friction, S2S is increasingly the default as cookieless tracking becomes unavoidable.
Key points
- Fires server to server, with no browser cookie required
- Relies on a click ID captured at click and returned at conversion
- Resistant to ad blockers and cookie deletion
- Standard for CPA, app install, and lead generation
- Correct click ID passing is the critical failure point
Example
An affiliate sends a click carrying click_id=abc123, which the advertiser stores against the session. When the user completes a $50 signup, the advertiser's server calls network.com/postback?click_id=abc123&amount=50. The network matches abc123 to the original click and books the conversion, without ever reading a cookie in the user's browser.
Also known as
Related terms
Pixel Tracking
A snippet fired on a confirmation page to record a conversion in the browser.
SubID
A custom parameter appended to links to track granular traffic sources.
Cookieless Tracking
Attribution methods that work without third-party browser cookies.
Affiliate Link
A unique URL that attributes traffic and conversions to a specific affiliate.