What is the alternative to send City, Region and Country without token_auth in tracking URL?

Hello Team,

We have gone through recent data on our Matomo analytics server and we found that user location are showing of their internet service provider server location.

So to get precise user location, we are trying send City, Region and Country as a part of tracking URL from our application.
However it is giving bad request error, so I used tracking_requests_require_authentication=0 and error resolved.

It is not a recommended way to use tracking_requests_require_authentication=0.
So as a alternative, we can set token_auth in URL. Is it ok to send token_auth in our tracking URL?
Will it create any problem if it is visible to end user?

Please guide me on this, I hope I will get some recommendation from you to send Geo location information from client side.

Thanks,
Sachin

Hi,

NO!

This is a very bad idea as everyone who has access to the token_auth has full access (and can log in as) the user who owns the token_auth.

I think the best solution in your case would be to send the data as part of the tracking URL and then write a simple Matomo (geolocation) plugin that takes the data from the parameters as truth.

I am new to Matomo world and I need someone help on this.

Could you please guide me on tracking tool?
Please point me to article or help.
Thanks,
Sachin

Hi,

Sorry, this was a typo: I meant “as part of the tracking URL”.

There is no complete guide for it (as noone did exactly this before and shared it as far as I know), but you can look at other geolocation plugins like https://github.com/ThaDafinser/Piwik-IntranetGeoIP for inspiration on how to write the plugin.