Discussions

We run a WordPress public website and an iMIS RiSE member portal on a separate subdomain. Both use the same GA4 property via GTM. Cross-domain tracking is configured in GA4 and works correctly for logged-out users -- the _gl parameter appends to IMIS URLs on link click and sessions stitch correctly across domains.

The problem is that when a logged-in member navigates from the public site to any page on the IMIS subdomain, the ASP.NET Forms Authentication redirect fires before GA4 can load on the destination page.

The _gl parameter is present in the URL before the redirect but is gone by the time the destination page loads. All logged-in member journeys appear in GA4 as new direct sessions originating inside IMIS with no attribution to the original traffic source.

The redirect originates from the ASP.NET Forms Authentication pipeline at /AsiCommon/Controls/Shared/FormsAuthentication/Login.aspx.

Three questions:

• Has anyone resolved this through their hosting provider -- specifically getting a server-side change made to preserve query string parameters through the Forms Auth redirect? Is this something that can be requested through a standard support ticket?
• Has anyone implemented a GTM-based workaround by reading the GA4 client_id and session_id from cookies on the source domain and appending them as URL parameters before the redirect fires, and did it hold up reliably in a RiSE production environment?
• Is there a supported iMIS-native approach we are missing -- for example using the @url: parameter flow-through in RiSE, or passing the iMIS member ID to GA4 as a User ID to stitch sessions by identity rather than by cookie?