Activity logs and Marketo API

Forum|Forum|7 years ago
August 21, 2018
1 reply
8084 views

Hello,

Our web-security team told us that added marketo forms to other web sites via scripts (embed code) is not secure and advised to use Marketo API.

While researching info about Marketo API I faced 1 problem I really hope you can help me with:

As I understood from this post Trigger Marketo Flow using REST API when you push leads info from other form to Marketo using API - the status in User Activity Log will be "Person is Pushed".

1.Can we change this log message somehow or at least track from what page user was added to Marketo (needs for marketo triggers)?

2. Does anyone have security issues with adding marketo forms as ember code?

Thanks in advance.

Marketo

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

SanfordWhiteman

Level 10

"Not secure" is meaningless without details.

In fact, simply switching to REST API push instead of forms immediately opens a Denial of Service vulnerability.

So they have it backwards.

L

Liudmila_TeAuthor

Level 2

"Not secure" means that in embed code marketo show the marketo user id without any "masking":

SanfordWhiteman

Level 10

Haha, what?

You can see that same public information in the Munchkin embed code (without which you can't do any web tracking).

That's like saying people can see your GTM ID in view-source. You have to be able to see information that is used in embed codes on public websites, whether for GA, Facebook, Twitter, any tracking pixel.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded