uploadClickConversions with GCLID/WBRAID/GBRAID for invalid-traffic exclusion – how do consent flags affect conversion detection?

31 views
Skip to first unread message

Nasser Oudjidane

unread,
2:56 AM (7 hours ago)  2:56 AM
to (Deprecated) Google Ads API and AdWords API Forum

Hi, 

I’m building an ad fraud protection tool that uses the Google Ads API and uploadClickConversions with GCLID / WBRAID / GBRAID to mark invalid trafficand then exclude those users via a user list built from a specific conversion action.

My upload looks like this (TypeScript / Node):
const res = await customer . conversionUploads . uploadClickConversions ({
customer_id: conversionAccountId,
conversions: [
{
... ( clidQueryParameterName === "GCLID" && { gclid: clid }),
... ( clidQueryParameterName === "WBRAID" && { wbraid: clid }),
... ( clidQueryParameterName === "GBRAID" && { gbraid: clid }),
conversion_action: conversionActionResourceName ,
conversion_date_time: new Date ()
. toISOString ()
. replace ( "T" , " " )
. replace ( "Z" , "+00:00" ),
// consent: {
// ad_user_data: enums.ConsentStatus.GRANTED,
// ad_personalization: enums.ConsentStatus.GRANTED,
// },
},
],
partial_failure: true ,
validate_only: false ,
toJSON : () => ({}),
});

The conversion action is configured as:

  • Counting = Every(compatible with WBRAID/GBRAID),

  • Goal = Secondary,

  • “Don’t use a value”(only for invalid-traffic logic / exclusion, not bidding).

I then create a user list that includes users who have this conversion action(i.e. a conversion-based user list off this “Invalid Traffic” action) and exclude that list from campaigns.

When I upload a conversion ( I omit the consent object for all of my requests), the API call returns success (no partial failures), but:

  • I see far fewer conversionsfor this action in metrics than I’ve uploaded (e.g. in all_conversions), and

  • The user list stays small, as if most of the uploaded conversions are not being detected/eligible.

My questions:

  1. For uploadClickConversions with GCLID/WBRAID/GBRAID, what is the expected behavior if the consent object is:

    • not provided at all,

    • provided with ad_user_data = DENIED, or

    • provided with ad_personalization = DENIED?

    Specifically:

    • Will these conversions still appear in reports (e.g. all_conversions)?

    • Will they still be eligible to populate a conversion-based user list?

  2. Is a conversion-based user list that is used only for exclusion(invalid traffic) still treated as “personalized advertising” and therefore requires ad_personalization = GRANTED?

  3. Is the following pattern correct/allowed:

    • Only send identifiers and set ad_user_data + ad_personalization = GRANTED when I have ad personalization consent,

    • Never upload identifiers for users without such consent (so they never enter the user list),

    • And still expect conversions to be visible/usable where consent is granted?

  4. When I omit the consent object completely, does Google infer consent state automatically from Consent Mode / other signals and silently treat some uploads as non-eligible (for reporting or user lists)? Or are such uploads supposed to behave the same as if consent were not restricted?

Right now uploads succeed (no explicit errors) but I see relatively few conversions and a small user list, so I’m trying to understand exactly how consent flags (or their absence) gate both conversion detectionand user list filling

Thanks! 

Google Ads API Forum Advisor

unread,
6:43 AM (3 hours ago)  6:43 AM
to adwor...@googlegroups.com
Hi,
Thank you for reaching out to the Google Ads API support team.
Please find your answers for your questions below:
>> For uploadClickConversions with GCLID/WBRAID/GBRAID, what is the expected behavior if the consent object is:
If consent is missing for EEA users, then the consent value is determined as not consented. Data from unconsented EEA users won't be processed and cannot be used for ad personalization using Customer Match. See FAQs and updates to consent mode for more details. 

  • Will these conversions still appear in reports (e.g. all_conversions)?

No, the conversion will not be reported in UI if you don't specify the consent. If consents are missing, then the consent value is determined as not consented. Data from unconsented EEA users will not be processed and cannot be used for ad personalization.

  • Will they still be eligible to populate a conversion-based user list?

No, user lists are not eligible to populate. You can refer to the usage flow document which suggest to populate the consent field of customer_match_user_list_metadata in your OfflineUserDataJob request.
>> Is a conversion-based user list that is used  only for exclusion  (invalid traffic) still treated as “personalized advertising” and therefore requires ad_personalization = GRANTED?
 Yes, you need to pass the consent even when the user lists the user for exclusion. Only to remove user list requests, consent is not needed.
>> Is the following pattern correct/allowed:
Yes, the pattern you have provided is correct i.e setting the ad_user_data + ad_personalization = GRANTED for both the conversions and user lists.
>> When I  omit the consent object completely , does Google infer consent state automatically from Consent Mode / other signals and silently treat some uploads as non-eligible (for reporting or user lists)? Or are such uploads supposed to behave the same as if consent were not restricted?
Yes, when you omit the consent object then those uploads are not eligible and not reported in the user list.
As your list size list is small, I would suggest to pass the consent parameter and refer to the help center.

Thanks,
Google Logo
Google Ads API Team

Feedback
How was our support today?

rating1 rating2 rating3 rating4 rating5
[2025-11-17 11:43:17Z GMT] This message is in relation to case "ref:!00D1U01174p.!500Ht01vTczS:ref" (ADR-00339498)



Nasser Oudjidane

unread,
7:30 AM (2 hours ago)  7:30 AM
to (Deprecated) Google Ads API and AdWords API Forum
Under GDPR Article 6(1)(f), we’re permitted to process data for the legitimate interest of fraud prevention and campaign efficiency. Since we are not using this data for personalization, retargeting, or profiling — but only for exclusion — we believe this does not require consent under EU law. Can you confirm why exclusion-only user lists are still treated as personalized advertising in Google Ads? 
Reply all
Reply to author
Forward
0 new messages